Sr. Security Engineer Operations

Job Locations US-IL-Chicago
Job ID
2022-3826
# of Openings
1
Category
Information Security
Level
Mid Senior Level

Overview

Are you someone who enjoys thriving in an exciting and fast paced environment where innovation, building secure solutions, being part of something bigger, and seeing your results come alive are all rewarded? If so, Blue Cross Blue Shield Association (BCBSA) Information Security may be the right fit for you.

 

The Sr Security Engineer Operations position leads a team of security administrators handling many aspects of information security systems management and operations. This includes day-to-day management of information security tooling, including support, installation and maintenance of infrastructure components such as IDS, SIEM, HSM, WAF, and packet capture tools. Additionally, this role will work with other internal and external teams tasked with maintaining solutions relied upon by the security team. The ideal candidate will have specialized knowledge of Web Application Firewall administration and will be directly responsible for end-to-end administration and support for all WAF-related issues. A secondary responsibility will be to assist with incident response and forensics activities.

Responsibilities

Responsibilities include but are not limited to:

 

  • Lead a team of security administrators responsible for configuring, maintaining, and troubleshooting multiple technologies such as IPS/IDS, SIEM, WAF, HSM, geofiltering, packet capture, and network malware detection solutions
  • Operational ownership and support of the Web Applications Firewall (WAF), including managing WAF rules and creating custom policies
  • Provide oversight for the management of tooling managed by other internal and external teams or MSSPs such as web proxies, endpoint AV, EDR, email filtering, and identity solutions
  • Define and deliver key operational and performance metrics for assigned technologies
  • Provide Tier 1 support for incident response and threat detection activities
  • Provide on-call security support on a rotational basis
  • Collaborate with other information security teams to mature our security portfolio
  • Automate security functions wherever possible, including contributing to internally developed and/or open source security tools
  • Full administration and management of assigned technologies
  • Oversight of key security technologies not managed by Information Security as assigned
  • Management of MSSP Vendors who provide operational support
  • Mentoring and team building
  • Tier 1 Incident Response and Threat Detection

Qualifications

Required Basic Qualifications:

 

  • Bachelor’s degree
  • Minimum 7 years in a Information Technology domain
  • Minimum of 2 years Web Application Firewall (WAF) administration
  • Cloud administration experience (AWS/Azure)
  • Experience developing custom automation for common system administration processes
  • Experience administering Splunk, Elastic Search, or other SIEM/analytics technologies
  • Experience administering other security tooling such as IDS, Web Proxy, SIEM, WAF, HSM, and/or packet capture tools SOC/IR experience
  • Strong knowledge of web protocols (especially HTTP and HTTPS)
  • Working knowledge of web-application security concepts
  • Knowledge of SQL Injection, XSS, RCE, Buffer Overflows, filter invasion, and other application-layer attacks
  • Demonstrated experience managing and administering systems security appliances and/or Unix/Linux environments
  • Demonstrated ability to program or “script” in languages such as Python, Perl, PowerShell, or Bash
  • Advanced knowledge of operating systems, network troubleshooting, and common applications
  • Advanced troubleshooting and problem resolution skills
  • Demonstrated proficiency in Unix/Linux systems administration

Equal Opportunity Employer

Blue Cross Blue Shield Association is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, national origin, age, gender identity, disability, veteran status, genetic information or any other legally protected characteristics

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed

Need help finding the right job?

We can recommend jobs specifically for you! Click here to get started.