This link will leave wellcare.com, opening in a new window. WellCare and its subsidiaries are not responsible for non-WellCare content, privacy practices, products or services described on these websites.
Serves as a key technical subject matter expert in the development, implementation and maintenance of IT Security related projects and controls that are required to safeguard the company's information and technology assets and to ensure compliance with all applicable laws and regulations impacting the company.
Evaluates, designs, develops, implements and / or integrates security solutions.
As a subject matter expert, builds, consults, validates, and verifies system and application security designs.
Leads, performs or reviews security incident investigations.
Designs, implements, tests security controls and manages the associated remediation if needed.
Assist in formulating security architecture recommendations and design security services.
Perform project leadership tasks on select security projects including development of requirements, evaluation of competing products, selection and implementation of products.
Consults, validates and verifies system and application security designs.
Evaluates implements and / or integrates security solutions.
Assist in developing responses to internal & external audits, penetration tests and vulnerability assessments.
Recommends and coordinates the application of fixes, patches, & recovery procedures in the event of a security breach.
Research emerging technologies in support of security enhancement and development efforts.
Conduct risk assessments, penetration tests and diagnose internet/extranet security, intrusion attempts, and cyber-crime response.
Validates and verifies system and application security requirement definitions and analysis.
Performs other duties as assigned.
Additional Responsibilities:Candidate Education:
Required A Bachelor's Degree in Computer Science or in an IT related
Required or equivalent work experience 2 additional years of IT related experience may be substituted for degree
Required 8 years of experience in IT related field
Required 2 years of experience in Information Security
Required Other Significant experience doing internal and external penetration testing i.e. white hat hacking.
Required Other Solid experience with application security practices (Secure coding, OWASP Top 10
Preferred Other Information Security Auditing experience
Advanced Ability to work as part of a team
Licenses and Certifications: A license in one of the following is required:
Required Certified Information Systems Security Professional (CISSP) CISSP
Preferred Other GIAC Penetration Tester (GPEN) GIAC Certified Incident Handler (GCEH) Or equivalent
Required Advanced Other Strong Knowledge of Security Frameworks (ISO 27002, NIST 800-53, COBIT, HITRUST)
Required Advanced Other Knowledge of security regulations and standards (HIPAA, HITECH, SOX, PCI etc.)
Required Advanced Other •Hands on experience with Firewalls, DLP, Vulnerability Assessment tools (infrastructure and application) IDS/IPS, SIEM, 2 factor authentication, static and dynamic code analysis tools etc.
Required Advanced Other •Strong knowledge of common operating systems (Windows, UNIX) and authentication (Active Directory, Centrify)
Required Advanced Other •Proficient with Microsoft Word, Excel, SharePoint, PowerPoint, Access & Project.
Required Intermediate Other Must be able to perform hands-on support for a wide range of security technologies including, but not limited to: SEIM, IDS/IPS, HIDS, malware analysis and protection, content filtering, logical access controls, identity and access management, data loss prevention, content filtering technologies, application firewalls, vulnerability scanners, eDiscovery & forensics software, and security incident response etc.
Required Advanced Other Strong understanding of and familiarity with application and network security.