Information Security Executive Advisor

Location: This position will work a hybrid model (remote & office). The ideal candidate will live within 50 miles of one of our Elevance Health PulsePoint office locations.

The Information Security Executive Advisor position fulfills Elevance Health’s requirement to provide Executive Advisor services and oversight regarding Data Protection controls as part of the Data Protection Monitoring Services component of Elevance Health’s Government Cloud (and/or DISA Cloud) cloud security engineering for the Database Activity Monitoring (DAM) program. This resource will also be well experienced in business automation processes to include scripting and utilizing automated utilities to enable security controls and administer infrastructure and applications.

How You Will Make An Impact:

• Ensure compliance with IT/Cyber certification, training, and knowledge mandates that are enforced by DoDD 8140.01, “Cyberspace Workforce Management”.

• Establishes architecture oversight and planning for information and network security technologies.

• Leads development of an information security risk management program that includes business, regulatory, industry practices and technical environment considerations; establishes strategic vendor relationships for security products and services.

• Develops enterprise-wide security incident response plans and strategies that includes integration with business, compliance, privacy, and legal constituents and requirements.

• Provides advanced level engineering design functions; provides trouble resolution and serves as point of technical escalation on complex problems.

• Provides technical guidance and leadership to the technical engineers within the organization.

• Participates in the design of the enterprise architecture.

• Must be capable of providing top-tier support for 6 or more of the information security technology common body of knowledge skill sets: 1) Access Control, 2) Application Security, 3) Business Continuity and Disaster Recovery Planning, 4) Cryptography, 5) Information Security and Risk Management 6) Legal, Regulations, 7) Compliance and Investigations, 8) Operations Security, 9) Physical (Environmental) Security, 10) Security Architecture and Design, 11) Telecommunications and Network Security.

• Configure virtual [Linux] servers, AWS, GCP & Azure resources to complete database activity compliance

• Troubleshoot, diagnose, and resolve DAM tool related errors, vendor software bugs, and/or functionality issues across a multi-cloud environment.

• Work with Elevance Health Cloud teams to set-up, resolve issues with or cover DAM requirements with cloud native resources.

• Develops automation and process improvement strategies

• Monitor server & client health from DAM application for infrastructure uptime and performance based on Elevance Health and vendors specified configuration

• Track and report metrics associated with DAM technology tools

• Perform DAM software installation & upgrade to latest versions, including a good understanding of a broad range of database configurations.

• Perform Agile communication across a multiple cloud platform environment & support cloud platform resources and functionalities with Elevance Health teams and external resources.

• Generate report statistics on system performance

• Work closely with vendor Technical Account Manager (TAM), Designated Support Engineer (DSE) to resolve vendor software issues to ensure system availability and uptime of 95%

• Monitor server & client health from data security consoles/application for infrastructure uptime and performance based on Elevance Health and vendors specified configuration

• Experience in providing analytical reports using tools from MS Office

• Perform vendor provided software patching, installation & upgrade to latest versions, including a good understanding of a broad range server OS configurations

• Proposes opportunities to improve results based on targeted or continuous assessment

• Ensures and reviewing appropriate testing practices

• Drives problem management

• Represents major upgrades and business system replacements to leadership and provides strategy inputs

• Routinely acts as a subject matter expert for management

• Tracks, documents, and communicates team metrics, accomplishments, and successes

• Support the creation, review and delivery of messaging and responses for expansion, and ad-hoc assessments

Minimum Requirements:

• Requires BS/BA in Information Technology or related field of study and a minimum of 10 years experience in systems administration and security aspects of information systems, access management and network security technologies, network communications, computer networking, telecommunications, systems development and management, hardware, software, data, and people; experience with multiple technical and business disciplines required; or any combination of education and experience, which would provide an equivalent background.

• U.S. Citizenship is required for this position. This position/candidate will support the Department of Defense Military OneSource program.

• Security Clearance issued by Department of Defense is required as part of this role (Security Clearance at the time of hire is preferred, or you must be willing to submit and obtain necessary credentials).

Preferred Skills, Capabilities & Experiences:

• General understanding of CI/CD pipelines preferred.

• Experience with Multi-cloud life cycle management and maintenance planning preferred.

• 3-5 years of related work experience in information security, data protection, data privacy and security, or similar field preferred.

• 3-5 years administering configuring, testing, and deploying vendor provided security software on Linux and/or Windows OSx servers is helpful.

• 3-5 years cloud experience (DISA Cloud, DoD/Government Cloud, AWS, GCP, Azure certifications).

• Knowledge of scripting in various languages (JSON, YAML, Terraform, BASH, PowerShell).

• Experience with Imperva SecureSphere (version 12+) or Guardium similar tools is preferred.

• Experience with Symantec Data Loss Prevention (version 15.5+) or similar tools would be helpful.

• Experience with SONAR, CASB, Netskope or similar tools.

• Experience with automation or scripting toolsets (e.g. Terraform, Ansible Automation Platform, Nagios, BigFix, etc.) is preferred.

• Administrative experience in multiple versions of operating systems such as Windows and Linux is preferred.

• Knowledge of database activity monitoring and/or data loss prevention industry best practices, procedures or strategies is helpful.

• Working knowledge of engineering concepts of cloud platforms: AWS, GCP, Azure, GovCloud, OCI and DISA cloud preferred.

• Familiarity with vulnerability management, capacity analysis, performance monitoring and rehydration preferred.

• Relevant industry certification such as CISSP, CISM, CRISC, CCSP or similar preferred.

This job is assigned to an entity that conducts government business, the applicant and incumbent fall under a `sensitive position' work designation and is subject to additional requirements beyond those associates outside Government Business Divisions. Requirements include, but are not limited to, obtaining and maintaining a 'Secret level security clearance', which entails more stringent and frequent background checks, segregation of duties principles, role specific training, monitoring of daily job functions, and sensitive data handling instructions. Associates in these jobs must follow the specific policies, procedures, guidelines, etc. as stated by the Government Business Division in which they are employed.