Associate Director, Information Security Engineering

Company: Blue Cross Blue Shield of Massachusetts, Inc.
Location: Boston
Posted on: March 31, 2025

Job Description:

Ready to help us transform healthcare? Bring your true colors to blue.Position Summary:We are seeking an experienced and dynamic Information Security Manager to establish and lead an Information Security Team. This role will serve as a trusted advisor, operational leader, and key liaison, ensuring alignment across cybersecurity initiatives, business priorities, and executive objectives.The successful candidate will ensure seamless coordination of security functions while fostering a culture of collaboration and accountability. This role requires a strategic thinker with strong leadership skills, a deep understanding of information security best practices, and the ability to drive organizational alignment on security initiatives.Key Accountabilities:

• Strategic Planning & Execution:

• Partner with the CISO and Director of Cybersecurity Engineering to define and execute the cybersecurity strategy, aligning with broader business objectives.
• Drive strategic initiatives, ensuring progress against key priorities, and track measurable outcomes.
• Facilitate decision-making processes by providing data-driven insights and strategic recommendations.
• Operational Excellence:
  • Identify and integrate security functions across the organization to create a cohesive and efficient security strategy.
  • Act as a central point of contact for cross-functional teams to align on security priorities, policies, and processes.
  • Enhance Security Posture:
    • Collaborate with stakeholders to identify gaps in the organization's security posture and develop actionable plans to address them.
    • Drive initiatives to enhance the company's ability to protect its assets, data, systems, and reputation.
    • Enable Business Operations:
      • Partner with business leaders to ensure that security measures align with business goals while minimizing disruption to operations.
      • Advocate for security as a business enabler by demonstrating how robust practices can support growth and innovation.
      • Stakeholder Engagement:
        • Build strong relationships with key stakeholders across departments, including ET, Legal, Compliance, Risk Management, HR, and Operations.
        • Facilitate regular meetings with stakeholders to discuss progress on security initiatives and gather feedback for continuous improvement.
        • Develop Holistic Security Strategies:
          • Create a unified information security strategy that reflects industry standards while addressing the unique needs of the organization.
          • Ensure alignment of security efforts that protects the organization effectively.
          • Measure Success:
            • Define key performance indicators (KPIs) to measure the effectiveness of the security program and other initiatives.
            • Provide regular reporting on program performance, risk reduction efforts, and overall improvements in security posture.Key Competencies
            • Technically competent:
              • Deep understanding of information security and security operations standard processes and challenges.
              • Experience with standard enterprise class tools, processes and compliance activities.
              • Adaptability & Growth:
                • Adapts leadership work style to fit environment needs.
                • Develops and demonstrates intimacy and understanding of the BCBSMA environment.
                • Capable of working with others to follow through on cross-functional tasks.
                • Analyzing Needs & Proposing Solutions:
                  • Owns problems and solutions as a creative problem solver.
                  • Considers the implications of the recommended solution in light of the culture and context of BCBSMA.
                  • Fostering Teamwork & Collaboration:
                    • Seeks and develops suggestions from others, drives partnering relationships.
                    • Uses appropriate influencing techniques to gain genuine agreement.
                    • Building Trust.
                    • Understands and represents multiple perspectives so that others understand positions and policies.
                    • Acts as champion for the perspectives of different partners even in the face of resistance.
                    • Effective change agent and serves as a role model for others.
                    • Communicating Effectively:
                      • Overall effective communication skills providing a crisp, concise message, specifically tailored for the intended audience to maximize impact and drive change.
                      • Recognized as business unit expert in external communication, serves as a role model for others.
                      • Effective skills in influencing & negotiating.
                      • Able to advocate for effective solutions while acknowledging diverse viewpoints.
                      • Acting with Urgency:
                        • Regularly takes actions that go beyond requirements to achieve objectives.
                        • Provides leadership and direction for project execution.
                        • Provides expertise to identify potential problems and executes adjustments to project timelines, tasks and resources allocation as required.
                        • Leadership Responsibilities:
                          • Works cross functionally to facilitate and organize actions to meet division and corporate goals.
                          • Assumes a lead role in collaborating to influence actions and decisions to positively impact business and financial results.
                          • Supports development and implementation of sound business initiatives across the division and BCBSMA.
                          • Champions process improvements fostering ownership and empowerment across the project teams, IT and the organization.Background and Experience
                            • BS in Technology or Computer Science (Master's Degree preferred) related field with 5+ years of experience required.
                            • Certified Information System Security Professional (CISSP) certification preferred.
                            • Advanced knowledge and experience managing a security engineering or security operations team in a large, complex enterprise.
                            • Solid experience managing people, specifically, senior technologists and engineers.
                            • Experienced, effective manager that uses both a quantitative and qualitative based approach to achieve the desired deliverable.
                            • Operational experience administering enterprise class SIEM and vulnerability scanning tools.
                            • Familiarity with risk management practices, vulnerability management tools, incident response processes, and compliance requirements (HIPPA, etc.)
                            • Strong problem-solving skills with the ability to navigate complex organizational structures.
                            • Passion for promoting a culture of security awareness throughout an organization.Minimum Education Requirements:High school degree or equivalent required unless otherwise noted above.Location: BostonTime Type: Full timeSalary Range: $199,890.00 - $244,310.00The job posting range is the lowest to highest salary we in good faith believe we would pay for this role at the time of this posting. We may ultimately pay more or less than the posted range, and the range may be modified in the future. An employee's pay position within the salary range will be based on several factors including, but limited to, relevant education, qualifications, certifications, experience, skills, performance, shift, travel requirements, sales or revenue-based metrics, and business or organizational needs and affordability.This job is also eligible for variable pay.We offer comprehensive package of benefits including paid time off, medical/dental/vision insurance, 401(k), and a suite of well-being benefits to eligible employees.WHY Blue Cross Blue Shield of MA?We understand that the confidence gap and imposter syndrome can prevent amazing candidates coming our way, so please don't hesitate to apply. We'd love to hear from you. You might be just what we need for this role or possibly another one at Blue Cross Blue Shield of MA. The more voices we have represented and amplified in our business, the more we will all thrive, contribute, and be brilliant. We encourage you to bring us your true colors, your perspectives, and your experiences. It's in our differences that we will remain relentless in our pursuit to transform healthcare for ALL.As an employer, we are committed to investing in your development and providing the necessary resources to enable your success. Learn how we are dedicated to creating an inclusive and rewarding workplace that promotes excellence and provides opportunities for employees to forge their unique career path by visiting our Company Culture page. If this sounds like something you'd like to be a part of, we'd love to hear from you. You can also join our Talent Community to stay "in the know" on all things Blue.At Blue Cross Blue Shield of Massachusetts, we believe in wellness and that work/life balance is a key part of associate wellbeing. For more information on how we work and support that work/life balance visit our How We Work Page.
                              #J-18808-Ljbffr

Keywords: Blue Cross Blue Shield of Massachusetts, Inc., Boston , Associate Director, Information Security Engineering, Engineering , Boston, Massachusetts