Principal Cloud Security Architect (100% Remote) - Blue Cross Blue Shield Association Chicago, Illinois, USA Bookmark Share Print 754 0 0

Listing Description

Job Description Summary

Are you someone who enjoys thriving in an exciting and fast paced environment where innovation, building secure solutions, being part of something bigger, and seeing your results come alive are all rewarded? If so, Blue Cross Blue Shield Association (BCBSA) Information Security may be the right fit for you. As the Principal Cloud Security Architect at BCBSA, you will lead the design, delivery, and integration of appropriate security monitors, defenses, countermeasures, and other security foundational capabilities to enable a robust and reliable secure by design cloud platform, as well as secure and compliant delivery of products and services for cloud-enabled solutions, products and services used by BCBSA. In this highly specialized role, you will partner with IT business leaders, Cloud Center of Excellence (CCOE) and other stakeholders to understand the broader vision and pathway for cloud security and translate that vision into the secure by design technological and process requirements. You will design, develop, and implement cloud security policies, architectures, and technical specifications, leveraging industry leading practices to support technology applications and recommend future investments and information security roadmaps. You will also serve as the voice of security architecture for cloud based strategic initiatives, adoption programs, and in charting the course for secure and reliable product adoption. You will work as a team to architect and deliver cloud-native, agile ways of working that ensure secure by design concepts and principles throughout the product and/or program lifecycle.

Responsibilities include but are not limited to:

• Develops strategy and roadmap for the cloud security controls and processes portfolio. Partners with the CCOE, security teams and IT leadership to assess cloud security risks by establishing security architecture with a focus on threat detection, security control enforcement, and incident response.
• Serves as the subject matter expert in secure cloud technology design, development, and implementation in support of products, solutions, and business functionality enablement. Drafts and reviews policies, standards, and guidelines to enhance and ensure secure by design is designed and delivered to meet business use cases and requirements. Establishes architecture design principles and practices to improve performance, effectiveness, security, compliance and scalability of solutions.
• Collaborates with business teams to understand vision and scope for cloud security solutions and defines requirements. Implements cloud infrastructure security best practices across the department and trains, guides, develops and mentors' other team-members.
• Analyzes, recommends, and implements advanced and innovative cloud security solutions. Leads testing, deployment, and continuous improvement of cloud security solutions.
• Defines solution validation policies to ensure adherence with system and quality assurance goals.

Required Education, Certifications and Experience

• Ten (10) or more years of relevant technical and business experience working in roles, such as: Security Architect, Enterprise Architect, Solution Architecture, Technical Team Lead
• A minimum of eight (8) years of relevant engineering experience preferably in a DevOps environment working with tools such as AWS CDK, Terraform, Ansible, Git, Puppet, or equivalent.
• A minimum of three (3) years of experience in cloud computing technologies like AWS, Azure, GCP, or equivalent.
• Interpersonal Relationships - Knowledge of the techniques and the ability to work with a variety of individuals and groups in a constructive and collaborative manner.
• Problem Solving - Knowledge of approaches, tools, techniques for recognizing, anticipating, and resolving organizational, operational or process problems; ability to apply this knowledge appropriately to diverse situations.
• Leadership - Ability to work with a group to set its objectives and agenda, generate allegiance to those objectives, and guide and motivate their achievement.
• Industry Knowledge - Knowledge of the organization's industry group, trends, directions, major issues, regulatory considerations, and trendsetters; ability to apply this knowledge appropriately to diverse situations.
• IT Environment - Knowledge of organization's total Information Technology (IT) environment with minimum knowledge of MS office and other software’s used by the organization.
• Effective communication skills - (written and verbal) to properly articulate complicated cloud reports to management and other IT development partners.

Preferred Education, Certifications and Experience

• Bachelor's Degree B.A. or B.S. in any discipline
• TOGAF (Open Group)
• CISSP (ISC2)
• CISM (ISACA)
• AWS Security
• Azure Security
• AWS CCSA - Professional
• AWS CCSA - Associate
• AWS DevOps
• CCSP (ISC2)
• Extensive experience in creating governance frameworks, infrastructure as code tools, and hands-on experience deploying native public cloud applications.
• Experience with tools such as software provisioning, configuration management, application-deployment, network segmentation and monitoring, server monitoring and visualization.
• Experience with storage, data backup and collaboration tools.

People Management – No