United States onlyAs a Cybersecurity Analyst in API Security Testing at Florida Blue, you will play a critical role in protecting our members' sensitive information by identifying and mitigating vulnerabilities in our APIs, ensuring the security and integrity of our digital ecosystem. Your expertise will have a direct impact on safeguarding our organization's reputation and maintaining the trust of our members, while also enabling our business to innovate and grow in a secure and compliant manner.
What are the Key Responsibilities:
- Conduct API Security Testing: Design, execute, and analyze API security tests to identify vulnerabilities, weaknesses, and potential threats, using tools such as Postman, Burp Suite, or OWASP ZAP.
- Vulnerability Management: Identify, classify, and prioritize API vulnerabilities, and collaborate with development teams to remediate or mitigate identified issues, ensuring timely and effective risk reduction.
- API Security Compliance: Ensure API security testing aligns with relevant regulatory requirements, such as HIPAA, PCI-DSS, and OWASP guidelines, and maintain compliance with Florida Blue's security policies and standards.
- Threat Modeling and Risk Assessment**: Perform threat modeling and risk assessments to identify potential API security risks, and develop strategies to mitigate or eliminate those risks, ensuring the security and integrity of Florida Blue's APIs.
- Security Recommendations and Education**: Provide actionable security recommendations to development teams, and educate them on secure coding practices, API security best practices, and the importance of security testing, to promote a culture of security within the organization.
What is Required:
- 5+ years’ experience within Application Development, Cybersecurity, or Information Technology Infrastructure or combination of the 3
- Experience with API testing
- Understanding of OAuth and how it is used to secure APIs
- Experience with software development OR scripting with PowerShell or Python
- Current Cybersecurity certification in CSSLP, GCIH, or CEH, or ability to obtain within 180 days of being placed in the role
- Technical knowledge of security architecture, tools and controls with specific demonstrated experience in proactive detection, mitigation, and resolution of advanced cyberattacks and./or threats; technical knowledge of security infrastructure including security firewalls, data loss prevention, encryption, and end point protection appliances
- Demonstrated knowledge of information threat analysis and detection concepts and principles and impact and knowledge of OWASP Top 10
- Knowledge of network infrastructure including routers, switches, firewalls and associated network protocols and concepts.
- Experience developing, documenting and maintaining security procedures.
- Demonstrated success in communicating highly complex technical information clearly and articulately for all levels and audiences.
- Experience in evaluating complex, multi-sourced security intelligence artifacts and summarizing for consumption by internal stakeholders.
- Related Bachelor’s degree or additional related equivalent work experience Computer Information Systems with Cybersecurity
What is Preferred:
- Bachelor’s degree in a related field
- Exposure to Project Management methodologies like Waterfall, Agile, Lean or SAFe methodologies
General Physical Demands
Sedentary work: Exerting up to 10 pounds of force occasionally to move objects. Jobs are sedentary if traversing activities are required only occasionally.
What We Offer:
As a Florida Blue employee, you will thrive in our Be Well, Work Well, GuideWell culture where being well as an individual, and working well as a team, are both important in serving our members and communities.
To support your wellbeing, comprehensive benefits are offered. As an employee, you will have access to:
- Medical, dental, vision, life and global travel health insurance.
- Income protection benefits: life insurance, short- and long-term disability programs.
- Leave programs to support personal circumstances.
- Retirement Savings Plan including employer match.
- Paid time off, volunteer time off, 10 holidays and 2 well-being days.
- Additional voluntary benefits available; and a comprehensive wellness program
Employee benefits are designed to align with federal and state employment laws. Benefits may vary based on the state in which work is performed. Benefits for intern, part-time and seasonal employees may differ.
To support your financial wellbeing, we offer competitive pay as well as opportunities for incentive or commission compensation. We also conduct regular annual reviews with pay for performance considerations for base pay increases.
Typical Annualized Hiring Range: $97,900 - $122,400, in an annualized full salary range of $97,900 - $159,100
Final pay will be determined with consideration of market competitiveness, internal equity, and the job-related knowledge, skills, training, and experience you bring.
We are an Equal Employment Opportunity employer committed to cultivating a work experience where everyone feels like they belong and can perform at their best in pursuit of our mission. All qualified applicants will receive consideration for employment.
