|Preferred GIAC Certifications||GSEC, GCIP, GCLD, GCSA, GSDA|
Experienced in application of organization or enterprise-wide set of disciplines for the planning, analysis, design, testing, construction, and migration to, or implementation of Identity and Access Management (IAM) system components. Position typically requires 6+ years of experience in vulnerability and risk analysis across multiple disciplines within IAM including Identity and Access Governance (IGA), Privilege Access Management (PAM), Multifactor Authentication (MFA) and Identity Federation. Position also typically requires knowledge of applicable IAM standards and their relationships as well as 4 years’ experience in writing technical specifications such as design documents and position papers. Position requires knowledge of various technologies including legacy, client/server, web-based technologies, and cloud-based systems.
Align with Agile Scrums and BAU processes within Highmark to document current and future state of IAM Enterprise Architecture to produce an IAM Ecosystem Architecture.
Respond to architectural requests and participate as part of IAM Design Review Board in analyzing, recommending alternatives, and approving new designs within Highmark to ensure they align with enterprise objectives.
Provide guidance and mentoring while acting as interim senior architect during Highmark’s search for a full-time employee resource.
Deliver recommendations to attain principles of IAM such as critical requirements for protecting data, systems, and other digital assets.
Work with other architects and developers in the Information System Risk Management (ISRM) division to ensure architectural harmony across the entire cyber security ecosystem.
Bachelor’s Degree - Information Systems, Computer Science, Information Security, or Engineering
Master’s Degree – Computer Science, Information Security or related field
5 - 7 years' experience architecting solutions
5 - 7 years' experience in Information Security
Experience communicating with business partners
Experience in two or more of the following technologies: SailPoint Identity IQ, Azure Active Directory and Federation, LDAP directories, Microsoft Multifactor Authentication, CyberArk Privilege Access Management.
5 - 7 years in the Healthcare Industry
Business communication skills, both written and verbal and able to solve unconventional problems
Understanding of the TCP/IP protocol stack, application protocols such as SNMP, SMTP, DNS, and DHCP; IPSec and SSL VPNs; SSL/TLS protocol knowledge
Understanding of the information technology and information security industries, their current developments, trends, issues, and fundamental concepts
In-depth expertise in analyzing a wide spectrum of technical systems and services robustness and needs, and making practical recommendations to address them
Detailed knowledge of web, mobile, and client application security vulnerabilities, attack methods, and countermeasures
Experience with common information security management frameworks, such as HITRUST, ISO 27001, CobiT, ITIL
Knowledge of ubiquitous encryption technologies (PGP, SSH, SSL, etc.) and common protocols (RADIUS, LDAP, KERBEROS, SAML, etc.)
Participate in evaluations and recommend solutions to support enterprises security controls including: networking, firewalls, IDS/IPS, data loss prevention, application security, infrastructure security, and data security
LICENSES AND CERTIFICATIONS
Strategic Relationship Building
Setting and Managing Priorities
Knowledge of industry standards
Disclaimer: The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job.
Compliance Requirement: This position adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies
As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company’s Handbook of Privacy Policies and Practices and Information Security Policy. Furthermore, it is every employee’s responsibility to comply with the company’s Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements.
Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, religion, sex, national origin, sexual orientation/gender identity or any other category protected by applicable federal, state or local law. Highmark Health and its affiliates take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, national origin, sexual orientation/gender identity, protected veteran status or disability.
Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, age, religion, sex, national origin, sexual orientation/gender identity or any other category protected by applicable federal, state or local law. Highmark Health and its affiliates take affirmative action to employ and advance in employment individuals without regard to race, color, age, religion, sex, national origin, sexual orientation/gender identity, protected veteran status or disability.
EEO is The Law
Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled/Sexual Orientation/Gender Identity ( https://www.eeoc.gov/sites/default/files/migrated_files/employers/poster_screen_reader_optimized.pdf )
We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact number below.
For accommodation requests, please contact HR Services Online at HRServices@highmarkhealth.org
California Consumer Privacy Act Employees, Contractors, and Applicants Notice