Director, Information Security Engineering

Company: Blue Cross Blue Shield of Massachusetts, Inc.
Location: Boston
Posted on: March 31, 2025

Job Description:

Ready to help us transform healthcare? Bring your true colors to blue.Position Summary:We are seeking a visionary and experienced Director of Security Engineering to lead the development and execution of a comprehensive security engineering strategy. This role will focus on building and managing a high-performing security engineering team to safeguard the organization's assets, systems, and data. The Director will drive cross-functional collaboration to integrate security practices into all aspects of the business, ensuring alignment with industry standards and regulatory requirements.The Director of Security Engineering is a senior leadership role responsible for designing, implementing, and managing enterprise-wide IAM strategies and security engineering initiatives. This position ensures the organization's systems, applications, and data are secure, compliant with regulatory standards, and aligned with business objectives. The Director will lead a team of security professionals to develop robust IAM and Zero Trust frameworks, enhance security posture, and drive innovation in security technologies.The ideal candidate will possess a strong technical background, exceptional leadership skills, and the ability to influence stakeholders across the organization. He/She will play a critical role in shaping the company's security posture, enabling innovation while minimizing risk.Key Accountabilities:

• Leadership & Strategy:

• Develop and execute an enterprise IAM strategy (Zero Trust) aligned with business goals and regulatory requirements
• Lead the design and implementation of Zero Trust architecture principles across the organization
• Oversee security engineering initiatives to strengthen infrastructure, application, and data security
• Collaborate with executive leadership to ensure alignment of security programs with organizational priorities
• Identity and Access Management:
  • Manage IAM systems, including provisioning, authentication, SSO, MFA, etc.
  • Implement least privilege access controls and ensure timely recertifications of user access
  • IAM Engineering team management
  • Universal SSO implementation
  • Universal MFA implementation
  • IAM automation and optimization
  • IAM daily operations management
  • Security Engineering:
    • Oversee the design and implementation of secure systems architecture.
    • Develop and implement Zero Trust security framework
    • Develop security tools to enhance security posture
    • Lead efforts to modernize security and compliance - security by default, security by design, policy as code
    • Cloud security engineering
    • Team Development:
      • Build and mentor a high-performing team of IAM specialists and security engineers
      • Foster a culture of continuous improvement by staying updated on emerging threats and technologies
      • Collaborate with cross functional security teams
      • Enhance security efficiencyKey Competencies:
      • Technically competent:
        • Deep understanding of information security and security operations standard processes and challenges.
        • Experience with standard enterprise class tools, processes and compliance activities.
        • Adaptability & Growth:
          • Adapts leadership work style to fit environment needs.
          • Develops and demonstrates intimacy and understanding of the BCBSMA environment.
          • Capable of working with others to follow through on cross-functional tasks.
          • Analyzing Needs & Proposing Solutions:
            • Owns problems and solutions as a creative problem solver.
            • Considers the implications of the recommended solution in light of the culture and context of BCBSMA.
            • Fostering Teamwork & Collaboration:
              • Seeks and develops suggestions from others, drives partnering relationships.
              • Uses appropriate influencing techniques to gain genuine agreement.
              • Building Trust
              • Understands and represents multiple perspectives so that others understand positions and policies.
              • Acts as champion for the perspectives of different partners even in the face of resistance.
              • Effective change agent and serves as a role model for others.
              • Communicating Effectively:
                • Overall effective communication skills providing a crisp, concise message, specifically tailored for the intended audience to maximize impact and drive change.
                • Recognized as business unit expert in external communication, serves as a role model for others.
                • Effective skills in influencing & negotiating.
                • Able to advocate for effective solutions while acknowledging diverse viewpoints.
                • Acting with Urgency:
                  • Regularly takes actions that go beyond requirements to achieve objectives
                  • Provides leadership and direction for project execution
                  • Provides expertise to identify potential problems and executes adjustments to project timelines, tasks and resources allocation as required.
                  • Leadership Responsibilities:
                    • Works cross functionally to facilitate and organize actions to meet division and corporate goals.
                    • Assumes a lead role in collaborating to influence actions and decisions to positively impact business and financial results.
                    • Supports development and implementation of sound business initiatives across the division and BCBSMA.
                    • Champions process improvements fostering ownership and empowerment across the project teams, IT and the organization.Background and Experience:
                      • BS in Technology or Computer Science (Master's Degree preferred) related field with 10+ years of experience required.
                      • Certified Information System Security Professional (CISSP) certification required.
                      • Advanced knowledge and experience managing a security engineering or security operations team in a large, complex enterprise.
                      • Solid experience managing people, specifically, senior technologists and engineers.
                      • Experienced, effective manager that uses both a quantitative and qualitative based approach to achieve the desired deliverable.
                      • Operational experience administering enterprise class SIEM and vulnerability scanning tools.
                      • Strategic thinking with a focus on long-term planning and adaptability to evolving threats
                      • Strong problem-solving skills with a proactive approach to identifying risks before they materialize
                      • Ability to foster collaboration across decentralized teams while maintaining accountability
                      • Passion for driving innovation in cybersecurity practices.Minimum Education Requirements:High school degree or equivalent required unless otherwise noted aboveLocation: BostonTime Type: Full timeSalary Range: $244,890.00 - $299,310.00The job posting range is the lowest to highest salary we in good faith believe we would pay for this role at the time of this posting. We may ultimately pay more or less than the posted range, and the range may be modified in the future. An employee's pay position within the salary range will be based on several factors including, but limited to, relevant education, qualifications, certifications, experience, skills, performance, shift, travel requirements, sales or revenue-based metrics, and business or organizational needs and affordability.This job is also eligible for variable pay.We offer comprehensive package of benefits including paid time off, medical/dental/vision insurance, 401(k), and a suite of well-being benefits to eligible employees.Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, or any other form of compensation that are allocable to a particular employee remains in the Company's sole discretion unless and until paid and may be modified at the Company's sole discretion, consistent with the law.WHY Blue Cross Blue Shield of MA?We understand that the confidence gap and imposter syndrome can prevent amazing candidates coming our way, so please don't hesitate to apply. We'd love to hear from you. You might be just what we need for this role or possibly another one at Blue Cross Blue Shield of MA. The more voices we have represented and amplified in our business, the more we will all thrive, contribute, and be brilliant. We encourage you to bring us your true colors, your perspectives, and your experiences. It's in our differences that we will remain relentless in our pursuit to transform healthcare for ALL.As an employer, we are committed to investing in your development and providing the necessary resources to enable your success. Learn how we are dedicated to creating an inclusive and rewarding workplace that promotes excellence and provides opportunities for employees to forge their unique career path by visiting our Company Culture page. If this sounds like something you'd like to be a part of, we'd love to hear from you. You can also join our Talent Community to stay "in the know" on all things Blue.At Blue Cross Blue Shield of Massachusetts, we believe in wellness and that work/life balance is a key part of associate wellbeing. For more information on how we work and support that work/life balance visit our How We Work Page.
                        #J-18808-Ljbffr

Keywords: Blue Cross Blue Shield of Massachusetts, Inc., Boston , Director, Information Security Engineering, Executive , Boston, Massachusetts