Cyber Defense Specialist, Experienced

Blue Shield of California's mission is to ensure all Californians have access to high-quality health care at a sustainably affordable price. We are transforming health care in a way that truly serves our nonprofit mission by lowering costs, improving quality, and enhancing the member and physician experience. To fulfill our mission, we must ensure a diverse, equitable, and inclusive environment where all employees can be their authentic selves and fully contribute to meet the needs of the multifaceted communities we serve. Our comprehensive approach to diversity, equity, and inclusion combines a focus on our people, processes, and systems with a deep commitment to promoting social justice and health equity through our products, business practices, and presence as a corporate citizen.Blue Shield has received awards and recognition for being a certified Great Place to Work, best place to work for LGBTQ equality, leading disability employer, one of the best companies for women to advance, Bay Area's top companies in volunteering & giving, and one of the world's most ethical companies. Here at Blue Shield of California, we are striving to make a positive change across our industry and the communities we live in - join us!Your RoleThe Information Security team is looking for a certified security professional to join our fast paced, collaborative, and diverse team of talent. Our mission is to provide operationally excellent next-generation information security event monitoring, threat hunting, and incident response services that protect Blue Shield from adverse cyber events. The Information Security Cyber Defense Specialist, Experienced will report to the Senior Manager of Information Security Operations . In this role you will work with a high-functioning 24/7/365 team utilizing industry leading technology to identify, protect, detect, respond, and recover from adversary attacks. Your WorkIn this role, you will:

• Provide expert level network intrusion monitoring of and response
• Perform expert level endpoint detection and response (EDR)
• Analyze application and web security events
• Interpret logs for expert level threat hunting to identify and respond to indicators of compromise (IOCs) and threats including User and Event Behavioral Analytics (UEBA) using a security information and event management (SIEM) environment
• Perform incident response containment
• Utilize Security Orchestration, Automation, and Response (SOAR) of information security incidents

• A diploma/certification in in the information security field OR a minimum of 3-6 years dedicated to IT, information security, and/or security infrastructure experience OR a combination of equivalent work experience and education
• Security event monitoring and incident response
• Security information event management (SIEM) searching
• Data analytics
• Intrusion detection and network tools; Wireshark, Nmap
• Web proxies
• Cloud access security broker (CASB)
• VMware and virtualization platforms
• Database activity monitoring
• Application security
• Anti-virus and malware detection
• Social engineering and phishing detection
• Identity & Access Management
• Effective verbal and non-verbal communication skills at all levels of the organization
• Leadership teamwork and collaboration
• Trustworthiness and discretion
• Problem solving
• Critical Thinking

• Honest. We hold ourselves to the highest ethical and integrity standards. We build trust by doing what we say we're going to do and by acknowledging and correcting where we fall short
• Human. We strive to be our authentic selves, listening and communicating effectively, and showing empathy towards others by walking in their shoes
• Courageous. We stand up for what we believe in and are committed to the hard work necessary to achieve our ambitious goals