Cloud Native Security Advisor
Indianapolis, IN, United States
Cloud Native Security Advisor
Location: Indianapolis, IN (preferred). This position will work in a hybrid model (remote and office). The ideal candidate will live within 50 miles of one of our Elevance Health PulsePoint locations.
The Cloud Native Security Advisor develops strategic and tactical plans for a comprehensive enterprise-wide information security program. Leads the development of policies, technical standards, guidelines, procedures, and other elements of an infrastructure necessary to support information security in compliance with established company policies, regulatory requirements, and generally accepted information security controls. Responsible for the selection and delivery of strategic network security, access control, and secure transaction/messaging solutions.
How you will make an impact:
Establishes architecture oversight and planning for information and network security technologies.
Establishes strategic vendor relationships for security products and services.
Develops enterprise-wide security incident response plans and strategies that include integration with business, compliance, privacy, and legal constituents and requirements.
Provides advanced-level engineering design functions; participates in the design of the enterprise architecture.
Provides trouble resolution and serves as a point of technical escalation on complex problems.
Creates presentations and seeks IT and business management approval and acceptance of significant replacements or reconfigurations of major security technologies serving the Enterprise.
Provides technical guidance and leadership to the technical engineers within the organization.
Proposes opportunities to improve results based on targeted or continuous assessment.
Researches relevant trends and activities in healthcare, business, competition, and regulatory environments & recommends strategy adjustments.
Participates in enterprise planning activity, including vendor assessment, technology platform selection & retirement, prioritization, and integration.
Capable of serving as technical merger & acquisition lead.
Routinely acts as a subject matter expert for executive management.
Must be capable of providing top-tier support for 6 or more of the information security technology common body of knowledge skill sets:
Access Control, Application Security, Business Continuity & Disaster Recovery Planning, Cryptography, Information Security and Risk Management, Legal / Regulations, Compliance & Investigations, Operations Security, Physical (Environmental) Security, Security Architecture & Design, Telecommunications & Network Security
Minimum Requirements:
Requires BS/BA in Information Technology or related field of study and a minimum of 10 years experience in systems administration and security aspects of information systems, access management and network security technologies, network communications, computer networking, telecommunications, systems development and management, hardware, software, data, and people; experience with multiple technical and business disciplines required; or any combination of education and experience, which would provide an equivalent background.
Preferred Skills, Capabilities, and Experiences:
Broad-based experience in planning and designing highly complex systems is strongly preferred.
Experience designing, developing, and/or securing applications on AWS, GCP, and/or Azure.
Experience with DevOps and DevSecOps patterns and principles, including continuous integration and deployment (CI/CD) with security service integration.
Experience with operating and securing multiple Kubernetes platforms such as EKS, GKE, AKS, and OpenShift.
Experience with deployment, configuration, and maintaining HashiCorp Vault clusters, ensuring high availability, scalability, and security.
Experience in implementing DevOps automation patterns with Terraform and Ansible following Infrastructure as Code (IaC) concepts.
Experience with policy as code frameworks like OPA and HashiCorp Sentinel.
Working knowledge and expertise with a programming language (Python, Go, Ruby, Java).
Working knowledge in Cloud Vulnerability Management and Application Security processes and principles.
Working knowledge in Data Protection and Identity & Access Management principles and technologies.
Background in leading a tech delivery team with development and training leadership.
#J-18808-Ljbffr