Anthem, Inc. Info Security Advisor - Vulnerability Management in Harrisonburg, Virginia
SHIFT: Day Job
Your Talent. Our Vision. At Anthem, Inc., it’s a powerful combination, and the foundation upon which we’re creating greater access to care for our members, greater value for our customers, and greater health for our communities. Join us and together we will drive the future of health care.
This is an exceptional opportunity to do innovative work that means more to you and those we serve at one of America's leading health care companies and a Fortune Top 50 Company.
Vulnerability Management Advisors are counted on for subject matter expertise and mentorship. They are experts of issue resolution, mentors, coaches and advisors across the enterprise. The Vulnerability Management Team (VM) locates and resolves issues across the enterprise.
Primary duties may include, but are not limited to:
Work cross-functionally to integrate vulnerability management capabilities and practices throughout the System Development Lifecycle
Provide Subject Matter Expertise on vulnerability risk, remediation, and mitigating actions .
Identify known vulnerabilities and configuration baseline standard deviations in our environment by operating our vulnerability management platform.
Provide mentorship and oversight for junior staff in the execution of key vulnerability management processes
Perform risk assessment of vulnerabilities by correlating data from various sources.
Perform technical and nontechnical risk and vulnerability assessments of relevant technology focus areas.
Ensure that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level.
Maintain knowledge of applicable cyber defense policies, regulations, and compliance documents specifically related to cyber defense auditing.
Oversees Enterprise mix of vendor services; recommends changes and updates to strategy
May act a key contact for setting vendor strategy
Designs & engineers repetitive technical solutions based on business requirements and defined technology standards
Develops support procedures and performance metrics reports
Leads level 1 & 2 incident recoveries; may organize the efforts of other analysts as part of incident recovery; leads root cause analysis efforts.
Must be capable of providing top-tier support for 4 or more of the information security technology common body of knowledge skill sets: 1) Access Control, 2) Application Security, 3) Business Continuity and Disaster Recovery Planning, 4) Cryptography, 5) Information Security and Risk Management 6) Legal, Regulations, 7) Compliance and Investigations, 8) Operations Security, 9) Physical (Environmental) Security, 10) Security Architecture and Design, 11) Telecommunications and Network Security.
Requires BS/BA degree in Information Technology or related field of study and a minimum of 5 years experience in systems support, system administration, system engineering, system security, access management, network security, network communications, computer networking, telecommunications, systems development and management, hardware, software, and/or data; or any combination of education and experience, which would provide an equivalent background. Requires experience in planning and designing highly complex systems.
Experience with multiple technical and business disciplines strongly preferred.
Security Certifications: CISSP or other technical security certifications (e.g. Systems Security Certified Practitioner, Certification and Accreditation Professional) strongly preferred.
Scripting experience with common programming and query languages (e.g., Python, R, SQL, Java etc.)
Experience with data analysis and visualization tools (e.g., Tableau, PowerBI etc.)
Experience with common vulnerability technologies such as Qualys, Tenable, Rapid7, Guardium and Tanium.
Skill in the use of penetration testing tools and techniques.
Skill in using network analysis tools to identify vulnerabilities. (e.g., fuzzing, nmap, etc.).
If this job is assigned to any Government Business Division entity, the applicant and incumbent fall under a 'sensitive position' work designation and may be subject to additional requirements beyond those associates outside Government Business Divisions. Requirements include but are not limited to more stringent and frequent background checks and/or government clearances, segregation of duties principles, role specific training, monitoring of daily job functions, and sensitive data handling instructions. Associates in these jobs must follow the specific policies, procedures, guidelines, etc. as stated by the Government Business Division in which they are employed
We offer a range of market-competitive total rewards that include merit increases, paid holidays, Paid Time Off, and incentive bonus programs (unless covered by a collective bargaining agreement), medical, dental, vision, short and long term disability benefits, 401(k) +match, stock purchase plan, life insurance, wellness programs and financial education resources, to name a few. The health of our associates and communities is a top priority for Anthem. We require all new candidates to become vaccinated against COVID-19. If you are not vaccinated, your offer will be rescinded unless you provide – and Anthem approves – a valid religious or medical explanation as to why you are not able to get vaccinated that Anthem is able to reasonably accommodate. Anthem will also follow all relevant federal, state and local laws. Anthem, Inc. has been named as a Fortune 100 Best Companies to Work For®, is ranked as one of the 2020 World’s Most Admired Companies among health insurers by Fortune magazine, and a 2020 America’s Best Employers for Diversity by Forbes. To learn more about our company and apply, please visit us at careers.antheminc.com. Anthem is an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law. Applicants who require accommodation to participate in the job application process may contact email@example.com for assistance.