A Career of Your Calling

About Blue Cross and Blue Shield of Minnesota

At Blue Cross and Blue Shield of Minnesota, we are committed to paving the way for everyone to achieve their healthiest life. We are looking for dedicated and motivated individuals who share our vision of transforming healthcare. As a Blue Cross associate, you are joining a culture that is built on values of succeeding together, finding a better way, and doing the right thing. If you are ready to make a difference, join us.

The Impact You Will Have

Blue Cross and Blue Shield of MN is hiring an Associate IT Risk Analyst in Eagan, MN. As a member of the Security Risk Management team, you will manage risks threatening our company and customer information through the application of risk assessments, policy creation and governance, oversight of the exchange of information with external parties, and completing attestations to the operational effectiveness of controls implemented by the company. You will drive collaboration with cross-functional groups to enable the achievement of business objectives and the protection of customer data and company assets.

You will have at least 2 years of progressive IT Risk Analyst experience, including control framework/concept and SOC2 audit operations. Strong written and verbal communication skills are essential for this role.

This role is hybrid, 2 days a week in office, out of Eagan, MN.

Your Responsibilities

• Drafts and maintains company policies supporting the protection of sensitive information and company assets.

• Conducts assessments of organizational people, processes and technology against regulatory, industry, and company control requirements.

• Evaluates the likelihood and impact of identified threats to support the prioritization of risk responses.

• Supports the collaboration of technical and non-technical teams to develop risk mitigation plans and gain alignment on risk treatment.

• Develops risk analyses and response recommendations to stakeholders and facilitates risk treatment decisions.

• Supports assessment and attestation activities to demonstrate the implementation and operation of information security processes and controls.

• Supports satisfaction of information security and compliance mandates.

• Monitors the implementation of mitigating controls to address identified risks.

• Demonstrates information security program components as part of customer sales cycles and on-going due diligence activities.

• Develops and distributes security awareness and education content.

• Ensures coordination and collaboration with other organizational areas through clear and effective communication and support.

• Executes day-to-day activities to perform governance oversight of data exchanges with external parties.

• Receives instruction, guidance and direction from others.

Required Skills and Experiences

• High school diploma (or equivalency) and legal authorization to work in the U.S.

• 2+ years' related professional experience. All relevant experience including work, education, transferable skills, and military experience will be considered.

• Cloud Service Provider Certification (e.g., AWS Cloud Practitioner, Azure Fundamentals, etc.) – required within 1 year of employment.

• Foundational ability to document understanding of business processes and technologies, including through process mapping, generating narratives, and crafting of executive summaries for easy consumption of complex topics.

• Demonstrated understanding of audit and assessment methodologies

• Demonstrated level knowledge of technical, business, and industry

• Proven oral and written communication and presentation skills

• Experience working independently and through ambiguity

• Proficient in the use of PowerPoint, Word, Excel, Visio, and MS Project.

Preferred Skills and Experiences

• Bachelor’s degree in Information Assurance/Security is desirable.

• Relevant cybersecurity certification(s): CISSP, CCSP, CISA

• Previous experience in an agile/product-led operating model.

• Previous experience in health management/insurance field.

Compensation and Benefits:

Pay Range: $77,200.00 - $102,300.00 - $127,400.00 Annual

Pay is based on several factors which vary based on position, including skills, ability, and knowledge the selected individual is bringing to the specific job.

We offer a comprehensive benefits package which may include:

• Medical, dental, and vision insurance
• Life insurance
• 401k
• Paid Time Off (PTO)
• Volunteer Paid Time Off (VPTO)
• And more

To discover more about what we have to offer, please review our benefits page.

Equal Employment Opportunity Statement

At Blue Cross and Blue Shield of Minnesota, we are committed to paving the way for everyone to achieve their healthiest life. Blue Cross of Minnesota is an Equal Opportunity Employer and maintains an Affirmative Action plan, as required by Minnesota law applicable to state contractors. All qualified applications will receive consideration for employment without regard to, and will not be discriminated against based on any legally protected characteristic.

Individuals with a disability who need a reasonable accommodation in order to apply, please contact us at: talent.acquisition@bluecrossmn.com.

Blue Cross® and Blue Shield® of Minnesota and Blue Plus® are nonprofit independent licensees of the Blue Cross and Blue Shield Association.