Blue Cross Blue Shield Association is hiring: Director, Cybersecurity (Architect

Director, Cybersecurity (Architecture) – Blue Cross Blue Shield Association

Join to apply for the Director, Cybersecurity (Architecture) role at Blue Cross Blue Shield Association.

The Hiring Range For This Role: 162,996.28 - 244,494.42. This range represents the compensation we believe we would pay at the time of posting. The final offer may be higher or lower and can be modified in the future. Factors influencing placement within the range include competencies, education, qualifications, certifications, experience, skills, seniority, performance, travel requirements, shift, and business or organizational needs. This job is eligible for annual bonus incentive pay. We offer a comprehensive benefits package to eligible employees, including paid time off, holidays, medical/dental/vision insurance, generous 401(k) matching, lifestyle spending account, and other benefits.

Note: No amount of pay is considered wages or compensation until earned, vested, and determinable. Bonus, commissions, or other compensation allocable to a particular employee remain at the Company’s sole discretion unless otherwise paid and may be modified at the Company’s sole discretion, consistent with the law.

Job Description Summary

This role will lead and oversee the full lifecycle of technology controls and processes within a specific security domain or program to safeguard against current and new cyber threats. The role provides strategic direction and ensures tactical execution to defend and protect against an evolving business risk profile in an advanced, technology-led environment. The role partners with internal and external stakeholders to evolve, modernize, and align the portfolio of security technology services and capabilities that anticipate and mitigate cyber impacts and promote business resiliency. The role leads a distinguished team delivering cyber protection capabilities with a customer focus.

Responsibilities

• Leadership: Serve as a thought leader in budgeting, planning, coordinating, arranging, and tracking progress against plans to drive innovation, growth, and continuous excellence
• Performance Measurement and Reporting: Establish and maintain processes to measure and report team performance and business value. Demonstrate team outputs to stakeholders at an executive level.
• Research and Risk Management: Monitor emerging security technologies and industry trends. Identify new attack vectors and assess security risks, formulating mitigation plans.
• Collaboration and Compliance: Integrate security measures into business processes with cross-functional teams. Address legal and regulatory requirements with legal and compliance teams. Participate in security audits and assessments.
• Team Management and Communication: Manage and motivate diverse teams. Communicate security concerns and best practices to stakeholders. Assist in security-related documentation.

Education

Required Education, Certifications and Experience:

• Required: Bachelor's Degree in Computer Science, Information Technology, or related field; or equivalent work experience

Experience

• 10+ years information security experience with a heavy technical focus and progressively increasing responsibility
• Previous supervisory experience and proven success in managing technical teams

Knowledge, Skills & Abilities

• Technical domain knowledge with an understanding of the costs for delivering required services
• Ability to interpret and summarize technical information for presentation to non-technical business contacts
• Knowledge of security technologies, procedures, and best practices
• Knowledge of the BCBS system and practices
• Ability to make operational decisions, monitor progress, and report results
• Able to communicate at all levels, with experience in leading operational review meetings with business partners and executives

Certifications & Licenses

• Preferred: Certified Information Systems Security Professional (CISSP)
• Preferred: Certified in Risk and Information Systems Control (CRISC)
• Preferred: Certified Information Systems Auditor (CISA)

Additional Information

• Architecture experience: Experience in implementing and managing core security architecture processes
• Experience in application security and development processes
• Experience with implementation of technical security architectures within a large enterprise environment is preferred