We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
New
Blue Cross Blue Shield of Alabama jobs

Cybersecurity Analyst

Blue Cross Blue Shield of Alabama
United States, Alabama, Birmingham
Jan 14, 2026
Overview

Department Overview

Information Security works to maintain the confidentiality and integrity of all company proprietary information as well as protected health information. The department works across company lines to ensure that appropriate measures are taken to maintain compliance with regulatory requirements and with generally accepted information security best practices.
Primary Responsibilities

The Cybersecurity Analyst will focus on assessing and managing cybersecurity risks associated with third-party vendors and suppliers. This role ensures that external partners meet the organization's security standards and regulatory requirements, reducing exposure to supply chain threats.

  • Vendor Risk Assessment: Conducting detailed cybersecurity risk assessments for high-risk vendors at onboarding and periodically throughout the relationship
  • Policy & Compliance: Ensuring vendor contracts include appropriate cybersecurity clauses covering data protection, incident response, and compliance obligations
  • Continuous Monitoring: Implementing and maintaining ongoing monitoring of vendor security posture using questionnaires, risk scoring, and automated tools
  • Risk Reporting: Documenting and reporting vendor risk metrics, remediation plans, and compliance status to leadership and governance committees
  • Collaboration: Working closely with procurement, legal, and business units to align vendor risk management with enterprise risk tolerance
  • Incident Response: Participating in incident planning and response activities involving vendors, including tabletop exercises and post-incident reviews
  • Integration: Incorporating vendor risk considerations into business continuity and disaster recovery planning
  • Regulatory Alignment: Staying current on regulatory requirements and industry standards related to third-party risk management
Summary of Qualifications

  • Bachelor's degree, preferably in Information Systems or a related field; or in lieu of a degree, 3 years' experience in Information Systems with direct experience in Information Security functions
  • Minimum of 2 years of information technology experience
  • Strong background in Information Technology and information security techniques and tools
  • Excellent human relations, listening, speaking and written communication skills in order to explain and discuss technical risks in both technical and business terms
  • Experience thinking logically and analytically in order to collect and analyze data in order to guide decision making
  • Demonstrated and effective team leadership skills in order to lead teams, including developing control strategies, project plans, monitoring progress, and promoting quality and timeliness from the team
  • Experience creating, understanding and utilizing complex processes
  • Experience facilitating initiatives that challenge or change existing processes
  • Certified Information Security Professional (CISSP) certification or Certified Information Systems Auditor (CISA) preferred
  • Experience in contract review for cybersecurity clauses preferred
  • Knowledge of supply chain risk management and vendor lifecycle processes preferred
  • Foundational knowledge of core information security concepts, such as multi-factor authentication (MFA), access control, encryption, secure authentication principles and general security best practices preferred
  • Major professional certification applicable to Information Security preferred

*This position may be filled at a higher level based on experience*
Work Location

The work schedule for this position will be hybrid (onsite/remote). Business areas reserve the right to require associates to return to the office as needed, based on performance or other business considerations. A hybrid work schedule is subject to amendment or termination at any time by the Company.
Terms and Agreements

By submitting a job application, I attest that all information to the best of my knowledge is true and accurate. Furthermore, I understand that any information provided by me throughout the job application process is subject to verification including, but not limited to work experience, education, assessment (test) and interviews.
We appreciate your interest in Blue Cross and Blue Shield of Alabama 'The Company'. The Company does not discriminate in hiring or employment on the basis of race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, genetics, status as a disabled or protected veteran, or because of citizenship status in the case of a citizen or intending citizen. No question on this application is intended to secure information to be used for such discrimination.
Blue Cross and Blue Shield of Alabama is an independent licensee of the Blue Cross and Blue Shield Association
Realize Full Potential
Applied = 0
MORE JOBS LIKE THIS

(web-df9ddb7dc-h6wrt)