Identity and Access Management-Information Security Analyst

To learn more about Arkansas Blue Cross and Blue Shield Hiring Policies, please click.

Applicants must be eligible to begin work on the date of hire and be authorized to work in the United States on a full-time basis. Arkansas Blue Cross Blue Shield will NOT sponsor applicants for work visas for this position.

Arkansas Blue Cross is seeking applicants for remote positions from the following states: Arkansas, Florida, Georgia, Illinois, Kansas, Louisiana, Minnesota, Mississippi, Oklahoma, South Carolina, Tennessee, Texas, Virginia, and Wisconsin.

The Information Security Analyst is responsible for the operations, administration, and governance of enterprise security solutions and processes.

High School diploma or equivalent. A Bachelor’s degree in Business, Computer Science, Management Information Systems, or related field is preferred. Alternatively, a minimum of five (5) years' relevant experience will be considered.

Professional security management certification (e.g., CISSP) or similar credentials are desired.

At least three (3) years' experience conducting system audits, working with vendors, performing security risk assessments, or related experience in information security, business continuity, or disaster recovery. Knowledge of frameworks like HIPAA, HITRUST, ISO/IEC 27001, NIST, COBIT, or ITIL is required. System analysis, data testing, and software application testing experience are preferred.

• Detail-Oriented
• Critical thinking
• Strong analytical skills
• Ability to build collaborative relationships

Analytical, Critical Thinking, Cultivate Relationships, Detail-Oriented, Oral and Written Communication, Project Management

• Asset Security: Guide and enforce data security policies, configurations, and standards including data classification, storage, transmission, and lifecycle management.
• Communication and Network Security: Support network monitoring, incident response, and oversee security capabilities and assets.
• Identity and Access Management: Manage account security, privileged access, role entitlements, and system updates.
• Security and Risk Management: Provide security guidance, enforce policies, manage audits, vulnerability management, and security awareness programs.
• Security Architecture and Engineering: Ensure security design with confidentiality, integrity, and availability in mind.
• Security Assessment and Testing: Coordinate security audits and assessments, including third-party evaluations.
• Security Operations: Support incident response, investigations, logging, and disaster recovery testing.
• Software Development Security: Provide security oversight for software development, including code vulnerability remediation.

This role requires proficiency in three security components and ensuring the security and confidentiality of records and information, adhering to company policies and segregation of duties guidelines.

Regular

This position involves general office work, with occasional travel within walking distance of the primary work location, and lifting requirements up to 40 lbs.