Job Description

IT is different here. Our work as technology specialists pushes the boundaries of what’s possible in health care. You will build solutions that make a real difference in people’s lives. Driven by the importance of their work, our team members innovate to elevate. We’re encouraged to be curious, collaborate, and turn ideas into solutions that can make health care better for all.

The (CIAM) Information Security Architect is responsible for work with key business partners, developers, vendors, and security engineers to help craft the future of our Consumer Identity and Access Management (CIAM) Program. This position will focus on the solution design for the Customer Identity and Access Management (CIAM) platform and guide the team on its implementation. The (CIAM) Information Security Architect should be comfortable and knowledgeable regarding the challenges of B2B, B2C, and other IAM ecosystems, an expert at managing, configuring, and developing CIAM platforms.

If you are ready to make a career out of making a difference, then you are the person for this team.

What You Will Do

• Influence, consult with and build collaborative working relationships with senior business and IT leadership at the VP/Officer and C levels to help meet long term security objectives.

• Conduct risk assessments, evaluate alternative strategies, develop recommendations and ensure responsive communication with business representatives, security management, and third party vendors.

• Participate in the design review process and support the overall Security Architecture process.

• Plan, implement, and manage IAM/CIAM and associated products to meet user and company needs. The (CIAM) Information Security Architect will work closely with other cross functional teams to scope and help mature the Consumer Identity and Access Management program services for our Partner and Customer Experience.

• Utilize security expertise and knowledge of new and emerging cyber-attacks threats to make recommendations to management regarding implementation of best practices and/or process improvements to proactively protect the company’s systems and networks.

• Perform analysis of requirements and for the definition of detailed solution design, implementation, and delivery of IAM/CIAM solutions

• Provide technical expertise to complex relevant problems

• Develop, maintain and implement security policies, processes, tools and methodologies that support security architecture standards and ensure effective evolution of security architecture within the organization.

What You Bring

• Bachelor’s degree and 7 years of broad based information security experience, with expertise in the following areas: security engineering, security operations/ administration, incident response, audit, controls and risk management.

• Experience with architecture processes, strategies and standards is required.

• IT consulting and executive advisory experience with demonstrated skills in translating business requirements to technical solutions is necessary.

• If no degree, 8 years of experience as stated above.

• Functional understanding of IAM processes and systems related to Identity Governance and Administration (IGA), Identity and Access Management (IAM) and Privileged Access Management (PAM).

• Prior experience supporting Multi-Factor Authentication (MFA) protocols and systems.

• Strong/expert level understanding of authentication mechanisms and protocols including OIDC/OAuth and SAML, and key related security concepts such as MFA, and how these are used with IdPs

• Experience coordinating vendor solution delivery and partnering effectively with vendors to meet business needs.

• At least one security industry certification (i.e., CISSP, CISA, CISM, SANS).

Hiring Preferences

• An understanding of core security concerns within a typical application (Password hashing, SSL/TLS, encryption at rest, XSS, XSRF)

• Familiarity with data privacy concepts, fraud detection and integration technologies

• Experience in configuration, implementation, and development of web services, SAML, integration of REST and OAUTH API with various applications and services.

• An understanding of core security concerns within a typical application (Password hashing, SSL/TLS, encryption at rest, XSS, XSRF)

• Exceptional consulting skillset with ability to provide appropriate direction to other IT groups and executives on security matters.

• Demonstrated initiative to learn new technologies.

• Exceptional analytical and problem-solving skills.

• Proven ability to present and discuss highly complex technical information to users with varying technical expertise.

• Must be detail-oriented with a focus on accuracy.

• Excellent written and verbal communication skills, including excellent presentation skills.

• Demonstrated ability to develop and maintain collaborative working relationships with varying constituencies and teams.

• Superior customer focus and the ability to manage customer expectations.

Salary Range

$105,600.00 - $191,800.00

About Us

It's an exciting time to work at Blue Cross and Blue Shield of North Carolina (Blue Cross NC). Health care is changing, and we're leading the way. We offer more than health insurance our customers can count on. We’re committed to better health and better health care − in our communities and beyond. Our employees bring energy and creativity to the workplace, and it shows in our innovative approach to improving the health and well-being of North Carolinians.

Blue Cross NC is a fully taxed, not-for-profit company headquartered in Durham, North Carolina. We serve more than 4.3 million members, and we employ more than 5,000 people across the country who are passionate about making health care better for all.

Help us lead the charge for better health care by joining our award-winning team. Discover tremendous opportunities with us to do challenging and rewarding work. Opportunities that can lead you to a fulfilling career, work that can help others lead healthier, happier lives.

Authorization to Work in the United States

We use E-verify to confirm authorization to work in the United States. To learn more about E-Verify, including your rights and responsibilities, please visit E-Verify Overview (https://www.e-verify.gov/employees/e-verify-overview) for English or Visión General de E-Verify (https://www.e-verify.gov/es/empleados/vision-general-de-e-verify) for Español.

For most roles, you can choose where to work - fully remote in one of the states listed below, in the office, or a hybrid of the two:

Alabama, Arizona, Arkansas, Colorado, Florida, Georgia, Idaho, Indiana, Iowa, Kansas, Kentucky, Louisiana, Maryland, Michigan, Mississippi, Missouri, North Carolina, Ohio, Oklahoma, Pennsylvania, South Carolina, South Dakota, Tennessee, Texas, Utah, Virginia, Wisconsin, and Wyoming

Much more than a paycheck

The total value of working at Blue Cross NC goes far beyond your paycheck. We offer benefits and perks (https://careers.bluecrossnc.com/global/en/benefits) that help you thrive, such as competitive health benefits, bonus plans based on performance, 401(k) with employer match, paid time off (plus two well-being days), and a variety of career development and wellness programs.