Anthem, Inc. Cloud Security Architect - Process in Indianapolis, Indiana
Covid-19 Vaccination Guidance:
UPDATED 12/9/21: The health of our associates and communities is a top priority for Elevance Health. We require all new candidates to become vaccinated against COVID-19. If you are not vaccinated, your offer will be rescinded unless you provide - and Elevance Health approves - a valid religious or medical explanation as to why you are not able to get vaccinated that Elevance Health is able to reasonably accommodate. Elevance Health will also follow all relevant federal, state and local laws.
Cloud Security Architect - Process
Location: IN, Indianapolis
Job Family: IFT > IT Security & Compliance
Type: Full time
Date Posted:Jun 20, 2022
Req #: PS74090
This technical role develops and drives our operating model and processes. This position will also entail mentoring others and providing SME-level guidance, clearly communicating technical requirements to the implementation teams and supporting the effort to secure resources across the multiple cloud environments.
*Position ideally located in Indianapolis, IN or Chicago, IL and will consider other locations as this position can work from home, office or a combination.
Essential duties can include but are not limited to:
In collaboration with the Business, Application teams, and the CCOE, the Cloud Security Architect establishes overall security architecture vision and ensures specific components are appropriately designed and leveraged.
Collaborates with IT and ensures that the construction of architecture components (e.g., domain architecture, solution architecture, and technical architecture) aligns with architecture strategies.
Develops innovative technology approaches to solve security and business problems and is usually sought out as an expert in this field.
Participates in the Cloud Governance processes and community of practice.
Recommends changes and updates to cloud security governance strategy based on NIST, regulatory and evolving threats drivers.
Proposes opportunities to improve security outcomes and reduce risks based on targeted or continuous assessments.
Defines, communicates, and drives security controls matrix design and implementation, and monitors compliance to enterprise-level security standards.
Identify opportunities to establish, refine, or bolster, security guardrails.
Partner with Application Teams, Cloud Operations, security control owners, and the Cloud Security Advisory Services Team to socialize findings and drive proactive risk reduction.
Supports activities, process, and tools needed to improve overall security posture of the organization.
Support the risk management process by helping to determine and assign risk impact ratings and prioritize remediation efforts in accordance with Anthem accepted Risk Management and Cloud Security Reference Architecture Frameworks.
Conduct process reviews of the management, operational, and technical security controls employed within or inherited by an information system to determine the overall effectiveness of the controls.
Provide Sr. management with consultative support in controlling and/or enhancing processes and systems in compliance with policies and regulations focused on HIPAA, PCI, SOX, SOC and other regulatory guidance.
Advise on the development of education, training and other mechanisms used to ensure compliant behavior for mandated security controls.
- BS/BA in Information Technology or related field of study and a minimum of 10 years relevant work experience; or any combination of education and experience, which would provide an equivalent background.
5+ years hands-on experience with popular cloud vendors and technologies such as Amazon Web Services, Microsoft Azure, Google Cloud Platform, IBM Cloud, and Oracle OCI preferred.
2+ years’ experience in auditing information system design, provisioning, operating, and maintaining systems running in the cloud with a strong preference for direct experience with DIACAP, RMF, etc.; or demonstrated equivalent testing and securing highly regulated information assets preferred.
Familiarity with common compliance standards, such as CIS Benchmarks, PCI-DSS, HIPAA, NIST, FISMA, etc.
Strong knowledge and experience in system engineering SDLC methodologies, waterfall, agile, RAD, RAP, DevOps, etc.
Experience in Information Security-focused efforts, with demonstrated ability to distill complex security problems and drive toward creative solutions while complying with Enterprise policies.
Demonstrated ability to communicate clearly with all constituents, serving as a mentor and SME.
REST, JSON, SOAP/XML – Web services.
CI/CD tools - Jenkins, Bamboo, Git, Maven/Gradle, Sonar, Artifactory, Jira, Checkmarx, RabbitMQ.
Programming/scripting knowledge for automating day to day tasks – Python, Perl, Ruby.
Knowledge of application deployment and data migration in various cloud platforms across different regions.
Knowledge of and the ability to manage the processes, tools, techniques, and practices for assuring adherence to standards associated with accessing, altering and protecting organizational data.
Research mindset, with a hold on where to look for relevant information pertaining to cloud threats, vulnerabilities, and key adversary’s’ modes of interest.
Knowledge & experience of monitoring, logging and cost management tools that integrate with cloud platforms.
Demonstrated troubleshooting skills.
Tracking and researching release of new cloud resource types and services, with a focus on security risk and attack surface expansion.
Experience in analyzing both detailed design components and high-level architectural blueprints, ensuring compliance with Enterprise policy and guidelines.
Experience with analyzing and securing complex, large scale cloud applications.
Experience in programmatic integration with ticketing and asset management systems.
Experience in aggregating metrics and reporting.
Demonstrated teamwork skills, with strict adherence to respecting established escalation paths and the chain-of-command in a fast-paced, highly regulated work environment.
Knowledge of Diversity Principles, Corporate Integrity, Compliance Program policies, and other applicable corporate and departmental policies.
Additional Preferred Qualifications:
Experience with analyzing and securing Big Data prior to Cloud migration.
Understanding of legal / regulatory requirements such as PCI-DSS, HIPAA, NIST, FISMA, etc.
Experience in programmatic integration with ticketing and asset management systems.
Cloud/Security and Audit Certifications preferred (e.g., CISA: Certified Information Security Auditor, CISM: Certified Information Security Manager, CISSP: Certified Information Systems Security Professional.
Please be advised that Elevance Health only accepts resumes from agencies that have a signed agreement with Elevance Health. Accordingly, Elevance Health is not obligated to pay referral fees to any agency that is not a party to an agreement with Elevance Health. Thus, any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of Elevance Health.
Be part of an Extraordinary Team
Elevance Health is a health company dedicated to improving lives and communities – and making healthcare simpler. Previously known as Anthem, Inc., we have evolved into a company focused on whole health and updated our name to better reflect the direction the company is heading.
We are looking for leaders at all levels of the organization who are passionate about making an impact on our members and the communities we serve. You will thrive in a complex and collaborative environment where you take action and ownership to solve problems and lead change. Do you want to be part of a larger purpose and an evolving, high-performance culture that empowers you to make an impact?
We offer a range of market-competitive total rewards that include merit increases, paid holidays, Paid Time Off, and incentive bonus programs (unless covered by a collective bargaining agreement), medical, dental, vision, short and long term disability benefits, 401(k) +match, stock purchase plan, life insurance, wellness programs and financial education resources, to name a few.
The health of our associates and communities is a top priority for Elevance Health. We require all new candidates to become vaccinated against COVID-19. If you are not vaccinated, your offer will be rescinded unless you provide – and Elevance Health approves – a valid religious or medical explanation as to why you are not able to get vaccinated that Elevance Health is able to reasonably accommodate. Elevance Health will also follow all relevant federal, state and local laws.
Elevance Health has been named as a Fortune Great Place To Work in 2021, is ranked as one of the 2021 World’s Most Admired Companies among health insurers by Fortune magazine, and a Top 20 Fortune 500 Companies on Diversity and Inclusion. To learn more about our company and apply, please visit us at careers.ElevanceHealthinc.com. Elevance Health is an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to age, citizenship status, color, creed, disability, ethnicity, genetic information, gender (including gender identity and gender expression), marital status, national origin, race, religion, sex, sexual orientation, veteran status or any other status or condition protected by applicable federal, state, or local laws. Applicants who require accommodation to participate in the job application process may email@example.com assistance.
EEO is the LawEqual Opportunity Employer / Disability / Veteran
Please use the links below to review statements of protection from discrimination under Federal law for job applicants and employees.
EEO Policy Statement
EEO is the Law Postero
EEO Poster Supplement-English Version
Privacy Notice for California Residents
Elevance Health, Inc. is an E-verify Employer
Need Assistance?Email us (firstname.lastname@example.org) or call 1-877-204-7664