About Blue Cross

Blue Cross and Blue Shield of Minnesota is one of the most recognized and trusted health care brands in the world with 2.5 million members. We’re committed to reinventing health care to improve health for our members and the community. We hope you'll join us.

How Is This Role Important to Our Work?

The Architect Principal is responsible for developing enterprise level solutions that integrate across applications, systems and platforms. Aligns business and technology strategies to define project and/or program level architecture that enables business objectives. Works with project managers, other architects, and delivery teams to effectively manage the technology solution across initiatives to ensure an optimal, high level, conceptual design. Analyzes and translates business information and technical requirements into an architectural blueprint that outlines solutions to achieve business objectives. Leads enterprise level architecture frameworks, proof-of-concept, architecture standards and reference architectures. Servers as the highest level technology authority across multiple disciplines.

A Day in the Life:

• Develop and maintain overall security strategy that aligns with business and Enterprise Architecture strategies
• Provide technical leadership for security engineering efforts addressing top cyber security priorities and funded projects
• Review and guide domain architects and engineers on the development of appropriate security standards and technology baselines
• Lead product, application, and solution architecture and design reviews
• Research, analyze, and report on security industry trends and products to security leadership
• Serve as a security partner for executive management and business customers
• Possess strong AWS and Azure cloud security architecture experience for migrated applications
• Assess and report on Application Security Architecture and impact on cloud migration strategies
• Serves as the technical authority for security solutions within the organizational IT virtualization environments including private, public, and hybrid workspaces. (Nutanix, VMWare, IBM, Oracle, Azure, AWS, GCP).
• Work closely with the Security Engineering and infrastructure teams to assure optimal platform deployment meeting security and business needs are achieved for accomplishing security program objectives for premise and in the cloud.
• Manage and collaborate with vendors and contractors for security assessments and audits to assure ensure regulatory and company policy requirements are satisfied
• Provide leadership and solution guidance for cloud and on prem solutions across operational and strategic levels, and to third-party contractors and vendors.
• Document and diagram organizational cloud computing resources, networks, systems, and applications to enhance asset management and accountability of virtual resources.
• Operate as a member of the Enterprise Information Security and Enterprise Risk Management teams to support the protection and assurance of data and technology.
• Communicate security cloud concepts to both technical and non-technical audiences across different organizational units to improve governance.
• Design, develop, and implement appropriate reference architectures in cloud environments to meet regulatory compliance frameworks (e.g., HITRUST, PCI-DSS, SWIFT, NIST, and ISO).
• Participate in Application Development (AppDev) and DevOps projects and initiatives to implement security controls and procedures into the development lifecycle (DevSecOps, SSDLC, CI/CD, etc.).
• Facilitate management and oversight of other cloud service provider technologies and solutions in the environment, including security assessments and evaluations
• Drive the development and adoption of cloud and on prem security standards, best practices, and technologies within Enterprise IT infrastructure
• Formally develop security architecture documentation, policies, standards, guidelines, and processes.
• Educate application, domain portfolio, and solution architects on secure solution design and industry security standard methodologies
• Influence technical patterns and capabilities to implement security practices and cloud policy to shift left in the development processes
• Design security reference architecture implementation patterns that support technology platforms; tools; and security, compliance, and privacy requirements and principles; that lead to target state implementation
• Perform other duties as assigned.

Required Skills and Experiences:

• 7+ years of related professional experience. All meaningful experience including work, education, transferable skills, and military experience will be considered.
• Expert level ability to design highly complex application programs and systems.
• Expert level knowledge and understanding of architecture, application and or system engineering and integration.
• High level of experience in creating and leading architecture of multiple applications/systems using a variety of technologies.
• Exceptional ability in designing and implementing applications using several architecture patters, e.g., SOA.
• High level of operational experience designing and supporting large, critically important, systems.
• Expert level knowledge of technical, business, and industry.
• Exceptional oral and written communication and presentation skills.
• Exceptional human relations skills to effectively interact with leadership and management, peers, business partners and vendors.
• Highly skilled at systems, creative, critical and analytical thinking, decision making and problem solving.
• Expert level understanding of the standards and deliverables to ensure integrity of the design process.
• High-level knowledge of general business applications and business processes.
• Highly skilled at hands-on communication, facilitation, collaboration and leadership.
• Highly skilled at influencing and motivating individuals and teams.

Nice to Have:

• Bachelor's degree.
• Certification in TOGAF or similar architecture methodology In-depth knowledge of BCBS computer methodologies.
• In-depth knowledge of multiple business areas.
• Technical Certifications in one or more technical disciplines or products.
• Participation in user groups (AEA, ACM, IEEE).
• At least 8+ years’ experience in cybersecurity, including compliance and risk management with a background in system and network security engineering.
• A proven deep background (preferred 5+ years in addition to cybersecurity) in technology design, implementation, and delivery.
• Experience in cloud computing technologies, including software-, infrastructure and platform-as-a-service, as well as public, private, and hybrid environments.
• Extensive knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), public key infrastructure (PKI), identity and access management (IDAM) systems, antivirus, and firewalls, in addition to newer offerings such as endpoint detection and response (EDR), threat intelligence platforms, security automation and orchestration, deception technologies and application controls.
• Excellence in presenting business risk from cybersecurity issues.
• Experience driving measurable improvement in supervising and response capabilities at scale.
• Experience architecting SIEM systems, threat intelligence platforms, security automation and orchestration solutions, IDS/IPS, file integrity monitoring (FIM), data loss prevention (DLP), and other network and system monitoring tools.
• Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and presenting effectively.
• Expertise architecting cloud-native infrastructure using containerization and microservices transformation in application APIs, addressing platform operational security concerns.
• Experienced level ability to design highly sophisticated application programs and systems.
• Guide level knowledge and understanding of architecture, application and or system engineering and integration.
• High level of experience in creating and leading architecture of multiple applications/systems using a variety of technologies.
• Exceptional ability in designing and implementing applications using several architecture patters, e.g., SOA.
• High level of operational experience designing and supporting large, critical, systems.
• Expert level knowledge of technical, business, and industry.
• Exceptional oral and written communication and presentation skills.
• Exceptional human relations skills to effectively interact with leadership and management, peers, business partners and vendors.
• Highly skilled at systems, creative, critical and analytical thinking, decision making and problem solving.
• Expert level understanding of the standards and work you're doing to ensure integrity of the design process.
• High-level knowledge of general business applications and business processes.
• Highly skilled at hands-on communication, facilitation, teamwork and leadership.
• Highly skilled at influencing and motivating individuals and teams.

Make A Difference

Blue Cross is an Equal Opportunity and Affirmative Action employer that values diversity. All qualified applicants will receive consideration for employment without regard to, and will not be discriminated against based on race, color, creed, religion, sex, national origin, genetic information, marital status, status with regard to public assistance, disability, age, veteran status, sexual orientation, gender identity, gender expression, or any other legally protected characteristic.

Reasonable Accommodation for Job Seekers with a Disability: If you require reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please direct your inquiries to talent.acquisition@bluecrossmn.com.

All roles require a high school diploma (or equivalency) and legal authorization to work in the U.S.

Blue Cross® and Blue Shield® of Minnesota and Blue Plus® are nonprofit independent licensees of the Blue Cross and Blue Shield Association.