Senior Security Engineer (Open to hiring at the Lead Engineer Level)

Why Wellmark: We are a mutual insurance company owned by our policy holders across Iowa and South Dakota, and we’ve built our reputation on over 80 years’ worth of trust. We are not motivated by profits. We are motivated by the well-being of our friends, family, and neighbors–our members. If you’re passionate about joining an organization working hard to put its members first, to provide best-in-class service, and one that is committed to sustainability and innovation, consider applying today!

Why Wellmark Technology? Wellmark is building innovative, modern solutions using cutting edge technology. We are driving organizational transformation and business strategy by empowering our technology team to innovate new and elegant solutions to enhance the customer experience. Together, we are leaning into the future, owning the outcome, and driving organizational change to transform how we work. 

Join our Security Engineering team where you’ll play a key role in redesigning IAM processes and driving automation across our AWS and DevSecOps environments. We're actively modernizing our toolset with SaaS migrations like CyberArk and SailPoint IIQ, offering hands-on experience with leading-edge technologies (AWS, Azure ADO, Pipeline scripting). You'll collaborate with a passionate, highly skilled team focused on building scalable, secure systems through scripting and automation. If you're looking to make real impact while growing your cloud and security expertise, this is the place to do it.

A senior security engineer is highly technical and proficient in cybersecurity and systems administration across a wide variety of infrastructure (SaaS, IaaS, PaaS). Continuously refines playbooks, processes, workflows and procedures for operational excellence. Automation and provisioning and managing resources across multiple environments with infrastructure as code (IaC) principles is required to be successful. Establishes business relationships and has strong interpersonal and communication skills. In tandem with security leadership, senior security engineers will consistently assess the threat landscape and adapt quickly to protect the business from risk. Will mentor junior employees to help strengthen the depth of the team. This role reports to security leadership and has strong working relationships with IT and application development leadership. 

Preferred: 

• AWS, Git, Python Programming, Pipeline development, Security tools like Sailpoint IIQ, CyberArk or the like. 

Required: 

• Bachelor's degree or direct and applicable work experience. 
• 5+ years of experience working in analysis of server or network controls in any of the following: DevOps, Identity and Access Management (IAM), system virtualization, Windows and Linux Security, Cloud Security, Network and Network Security, Active Directory, Python, JSON, Azure, AWS, Cloud Databases, etc. 
• Knowledge of compliance and regulatory program requirements, such as HIPAA, ISO 27000, NIST, FISMA, and SOC standards. 
• Experience using IAM the following tools such as CyberArk, Sailpoint, SumoLogic and how to architect said technology from the ground up. 
• Strong working knowledge across IT functions (systems, network, databases and/or application development, SAST tools, Azure DevOps) as well as how these technologies integrate in a DevSecOps environment. 
• Strong analytical and problem-solving skills. A certain degree of creativity, innovation and latitude is required (the ability to think outside the box when faced with challenges). 
• High attention to detail while completing tasks and processes. Ability to prioritize to maximize personal efficiency. 
• Ability to troubleshoot and interpret user problems and discern appropriate solutions. Ability to look across multiple systems, applications, and networks to troubleshoot security issues. 
• Strong compliance and regulatory focused customer service orientation with effective verbal and written communication skills working with technical and nontechnical personnel, with the ability to address all levels of leadership, business, technical, and non-technical staff. 

a. Provide guidance and direction on secure design, build, testing and deployment across cloud and on-prem infrastructure.

b. Work with developers, DevOps, engineering, and broader security teams in a dynamic environment to promote and implement identity and security best practices.

c. Maintain and enhance CI/CD security strategy and practices in tandem with other technical team leads.

d. Build services and tools to enable developers and engineers to easily use security components produced by application security team members.

e. Simplify automation that applies security inner-workings.

f. Support the ability to “shift left” and incorporate security early on and throughout the development lifecycle.

g. Maintain security measures for monitoring, logging, IAM, encryption, data protection, detection, and preventive controls.

h. Develop processes that produce evidence that will support security and compliance requirements.

i. Manage remediation efforts after security assessment findings outline weaknesses requiring attention.

j. Automate security processes and tooling into all the DevOps workflows to ensure security visibility and prioritization.

k. Document, formulate and enforce areas of security improvement that balance risk with business operations and do not diminish efficiencies or innovation.

l. Other duties as assigned.

All your information will be kept confidential according to EEO guidelines.

An Equal Opportunity Employer

The policy of Wellmark Blue Cross Blue Shield is to recruit, hire, train and promote individuals in all job classifications without regard to race, color, religion, sex, national origin, age, veteran status, disability, sexual orientation, gender identity or any other characteristic protected by law.

Applicants requiring a reasonable accommodation due to a disability at any stage of the employment application process should contact us at [email protected]

Please inform us if you meet the definition of a "Covered DoD official".

At this time, Wellmark is not considering applicants for this position that require any type of immigration sponsorship (additional work authorization or permanent work authorization) now or in the future to work in the United States. This includes, but IS NOT LIMITED TO: F1-OPT, F1-CPT, H-1B, TN, L-1, J-1, etc. For additional information around work authorization needs please refer to the following resources:Nonimmigrant Workers and Green Card for Employment-Based Immigrants