Cloud Security Architect, Principal

Your Role

The Information Security team is enabling the technical transformation of Blue Shield of California by developing capabilities that allow for the secure and compliant delivery of products and services.. The Cloud Security Engineer, Principal will report to the Sr. Manager of Information Security. In this role you will lead the tactical design, delivery, and integration of security foundational capabilities that are operationally excellent and seamlessly embedded into development and deployment pipelines to enable accelerated secure and compliant delivery of products and services.

Your Work

In this role, you will:

• Be a catalyst to transform healthcare with business aligned agile, repeatable, and standardized security technology ready for new emerging threats
• Document design decisions, flows, techniques, operational playbooks and other relevant items as needed to support easy and consistent consumption and support of security capabilities.
• Actively participate in a product team and work with business and engineering team to articulate security requirements in a way that leads to the secure creation and enhancement of the product
• Provide thought leadership and innovative methods to solving complex security challenges.
• Create and conduct automated cloud risk assessments utilizing standardized risk frameworks
• Provide significant security guidance, coaching and training to other employees across the company across a broad area of expertise
• Collaborate with Security Operations Center team members to define and implement adequate and appropriate security log event management that is operationally excellent
• Automate security processes and tooling to allow for rapid and secure cloud deployments.
• Establish and implement programmatic guardrails that ensure adequate and appropriate governance.
• Establish metrics and KPI's that measure the continued effectiveness and performance of security capabilities.

• Ensure security findings are natively and programmatically embedded into the IT and business delivery pipeline(s) so that security work is prioritized against other efforts.

Your Knowledge and Experience

• Requires a bachelor's degree or equivalent experience
• Requires at least 5 years of prior relevant experience

• Experience with various container technologies desirable, but not required
• Basic familiarity with the principles of design thinking, and lean and agile software delivery
• Have excellent communication skills (written and verbal).

• CISSP, CCSP, CISM, TOGAF or other security and/or Enterprise Architecture methodology certifications.
• Current Cloud Security certification in Azure, GCP or AWS highly desirable