The Systems Security Analyst III role is responsible for incident response, vulnerability management, product support / deployment, and more.
This role is ideal for candidates seeking to gain strong exposure to multiple areas of Information Security. Candidates for this position must enjoy working as a member of a technical team, be innovative, and have the ability to strategically problem solve.
Incident Response: Perform incident response by leveraging security solutions deployed within the organization and its counterparts.
The analyst shall be able to leverage solutions such as our SIEM, SOAR, EDR, Anti-virus, NDR, email filters, web filters and more.
This role will require an understanding of basic static / dynamic malware analysis along with packet analysis. A successful candidate must be able to correlate events from solutions in order to successfully respond to an incident.
Vulnerability Management: Conduct a variety of vulnerability management duties while working in conjunction with other staff members and departments for proper resolution.
A successful candidate must have a strong understanding of vulnerability scanning and managing the assignment of vulnerabilities in an automated manner.
Experience with Tenable.io or similar, ServiceNow Vulnerability Response, or patch management experience is a plus.
Product Support: Provide support for a variety of Information Security assurance and forensics tools such as SIEM, SOAR, EDR, Anti-virus, NDR, email filter, web filter, etc., for the purpose of general administrative maintenance and configuration maturity.
Security Assurance: Conduct a variety of assurance activities including being involved with external and internal audits.
Participate in security policy, standards, and procedure meetings for the purpose of continued security maturity.
Security Maturity: Analyze manual Information Security functions and provide recommendations for automated improvements to Information Security management.
Passion for information security and willingness to influence peers from a knowledge growth perspective.
Ability to identify obfuscation and perform de-obfuscation in various forms
Forensic experience (Supporting products similar to FireEye, Access Data or Encase)
Networking background (CompTIA Network+ or similar Cisco)
Vulnerability Management Exposure (Tenable Nessus, Tenable.io or similar scanners, Kenna Security Analytics)
SSL Decryption and/or Data Recording exposure
Security Benchmarking (Similar to NIST, CIS)
Hands-on Experience with incident response best practice and the MITRE ATT&CK framework
Hands-on Experience with FireEye product line or similar solutions such as CrowdStrike is a plus
Hands-on Experience with packet capturing and analysis
Hands-on Experience with basic static and dynamic malware analysis
Hands-on Experience with vulnerability scanners such as Tenable.io / Nessus or similar
Hands-on Experience with vulnerability management solutions such as ServiceNow Vulnerability Response or similar
Hands-on Experience with exploit frameworks such as Metasploit, Cobalt Strike / Armitage
A Bachelor’s degree in Computer Science or related field; and a minimum of four five years IT experience; or an equivalent combination of experience and education.
Analyze, validate, and maintain security controls put in place as a result of ongoing evaluations, including maintenance and monitoring, metrics, vulnerability analysis, patch management, logging, and identity management.
Knowledge of recommended information security controls including HIPAA, HITECH, SASAE, SB712
Demonstrated knowledge of project management techniques
Must possess strong problem resolution skills, while under severe time constraints. Desire to automate and create process improvements to support IT controls and processes.
Ability to effectively listen and communicate in order to present technical concepts to audiences of all levels both verbally and in writing.
Communication may include oral presentations and / or written documents.
Ability to prioritize and complete assignments independently in a rapidly changing and dynamic work environment along with good organizational skills.
Familiar with the CBC business environment in order to effectively support end user requirements.
In depth technical understanding and work experience in support of security assurance tools such as logging and monitoring, URL Content Filtering, Web Application Scanning, Federated Identity Management, etc.
Ability to provide 24-hour on-call assistance to support customers and IT initiatives.
Degree within Computer Science, Information Security or related field.
(ISC2) CISSP, GIAC or similar
CompTIA Security+
CompTIA Network+ or similar certification or knowledge of routing and switching
Capital BlueCross is an independent licensee of the BlueCross BlueShield Association. We are an equal opportunity / affirmative action employer and do not discriminate on the basis of race, color, religion, national origin, gender, sexual orientation, gender identity, age, genetic information, physical or mental disability, veteran status, or marital status, or any other status protected by applicable law.