Schedule: Hybrid
Compensation: $71,700 - $107,700
Jump into the new world of health insurance:
At Blue Cross & Blue Shield of Rhode Island (BCBSRI), our business is healthcare. But our focus is on improving lives. Be part of a team that is large enough to make a difference but small enough to be innovative. Work in a rapidly changing field. Take a chance to be creative. Move outside the status quo. Shape new ideas with the power of a national brand behind you.
Join others who know diversity is strength:
We appreciate and celebrate everything that makes us unique: age, national origin, citizenship status, perspectives, experiences, physical or mental disability, military status, race, ethnicity, religion, gender, sexual orientation, gender identity and/or expression. Our diversity strengthens us as an organization and helps us better serve an increasingly diverse Rhode Island population.
Why this job matters:
Blue Cross & Blue Shield of RI is seeking an innovative and responsible security professional to join our organization's Information Security team. In this position, you will play a crucial role in safeguarding the confidentiality, integrity, and availability of BCBSRI's information systems and ensure compliance with applicable regulations and standards. This role will include governance, risk, and compliance responsibilities, including areas such as, issue management, cloud risk management, and project management.
What you will do:
- Conduct scheduled security assessments to identify, assess, treat, and monitor cybersecurity risks.
- Lead and manage findings brought through the risk reporting and risk exception process.
- Document and report on audit control failures and gaps to stakeholders, provide remediation guidance, and prepare reports to track remediation activities.
- Advance BCBSRI's security-conscious culture by maturing existing risk management processes to monitor, track, measure and report on security and IT risks to the enterprise.
- Partner with business stakeholders when onboarding vendor solutions or applications to ensure adequate security controls are available and enabled in production.
- Consult with business stakeholders on the design, implementation, and adjustment of mitigating controls associated with cloud-native solutions; and
- Coordinate as the Information Security point of contact for enterprise projects and overall security project management.
What you need to succeed:
- Bachelor's degree in Cybersecurity, Information Security, Information Technology, Risk Management, or similar areas of study from an accredited college or university. OR
- A high school diploma combined with strong industry experience and/or candidates currently enrolled in a bachelor's degree program will be considered.
- 3+ years of relevant industry experience, ideally focused in GRC programs (Issue Management, Technology Governance, etc.)
- Relevant certifications are preferred, such as CISSP, CISA, CRISC, or equivalent, but are not required.
Extras:
- Working knowledge or experience with cloud infrastructure (Microsoft Azure and/or Google Cloud Platform)
- Knowledge of HITRUST, NIST Cybersecurity Framework and/or CIS Control Framework
- Understanding of HIPAA security and privacy compliance
- Experience in developing, documenting, and maintaining security policies, standards, controls, and procedures preferred.
- Experience with GRC Tools, such as Archer RSA or ServiceNow.
- Advanced knowledge of Microsoft Office; including Outlook, Word, Excel, and PowerPoint.
- Strong analytical and organizational skills.
- Effective oral and written communication skills.
- Must be a self-driven, team player.
Location:
BCBSRI is headquartered in downtown Providence, conveniently located near the train station and bus terminal. We actively support associate well-being and work/life balance and offer the following schedules, based on role:
- In-office: onsite 5 days per week
- Hybrid: onsite 2-4 days per week
- Remote: onsite 0-1 days per week. Permitted to reside in the following states, pending approval from the Human Resources Department: Arizona, Connecticut, Florida, Georgia, Louisiana, Massachusetts, North Carolina, Oklahoma, Rhode Island, South Carolina, Texas, Virginia