Position Overview
The Executive Director, Cyber Threat Intelligence combines deep technical expertise with an ability to lead across the BlueCross BlueShield system to deliver an advanced cyber threat intelligence service. You will lead a team of highly proficient technical resources within Blue Cross Blue Shield Association (BCBSA) to work across 30+ individual BCBS Plans to curate, collect, and disseminate healthcare and Blue-specific strategic and tactical cyber threat intelligence information.
As a senior security leader, you'll bring your knowledge of mature cyber threat intelligence programs and operations to create practical understanding of the cyber threat landscape to enhance prevention, detection, and response capabilities across the Blue system. You will work closely across a distributed security community to evolve and advance cyber threat information collection and analysis processes, develop technical solutions that empower threat intelligence analysts with actionable and relevant threat information, and serve as trusted advisor and partner in shaping cybersecurity operational practices and strategic initiatives based on cyber threat intelligence.
You'll effectively and concisely communicate technical information to non-technical stakeholders, including executive audiences, to brief them on the business and technical aspects of the changing threat landscape to the healthcare industry and the collective Blue System. You'll shape the strategic direction, prioritize investments, and champion continuous improvement initiatives across BCBS cybersecurity programs.
You'll be empowered to serve as a thought leader within the BCBSA security leadership and strategic partner to over 30 CISOs and their teams to improve cybersecurity across the entire healthcare industry. You'll also have the opportunity to work with industry associations, ISACs, and the broader cyber threat intelligence community in representing the BlueCross Blue Shield Association and Plans related to cyber threat intelligence expertise.
Key Responsibilities
- Define and execute against short and long-term cyber threat intelligence strategic plan and roadmap.
- Deliver cyber threat intelligence capabilities that provide added value to Blue Plan security teams through adoption of advanced threat services throughout the BlueCross BlueShield system.
- Lead the development and execution of the cyber threat intelligence communications plan to brief the Board, executive leaders, CISOs, and technical teams on the state of threats facing the healthcare sector and the Blue system.
- Gain stakeholder buy-in and support for cyber threat intelligence initiatives and objectives through effective communications, influencing, and domain knowledge.
- Oversee the evolution and operation of an advanced technology platform and processes to enable cyber threat intelligence analysts and facilitate information sharing across Blue Plans.
- Advance the technical solutions used to deliver cyber threat intelligence at-scale through understanding of adversary motives and capabilities.
- Establish and continuously improve a network of threat intelligence sources and curate relationships with industry sources, third-party providers, external advisors, and subject matter experts.
- Promote staff development through coaching, training, projects, job sharing, career development plans, and continual development opportunities.
Education
- Required: Bachelors Degree
- Preferred: Masters Degree in Computer Science, Information Technology or related field, MBA or MS degree
Certifications
- Preferred: CISSP, CISM, GCTI, CTIA, GCIH and/or other relevant certifications are a plus
Experience
- 12 years IT/information security experience with a combined technical focus and minimum 5 years in a technical oriented leadership role.
- Experience in leading technical teams of at least 4 persons; hiring, developing, building a collective team-oriented culture.
- Track record of defining strategic direction, overseeing project/initiative execution, and achieving outcomes in a matrixed organization.
- Experience in implementing and managing cyber threat intelligence technologies and associated processes.
- Demonstrated detailed technical knowledge of threat actor motives, targets, and tactics.
- Experience in managing Information Security budgets.
Skills
- Excellent communication and presentation skills with the ability to address both technical and non-technical audiences.
- Strong problem solving, troubleshooting, and analysis skills.
- Ability to work in a matrixed organization and cross-functionally across technical and non-technical teams.
- Demonstrated ability to make operational decisions and monitor progress effectively.
People Management
#LI_HYBRID
#J-18808-Ljbffr