Principal Security Consultant

Medica•Minnetonka, MN

3d•Hybrid

About The Position

Medica is a nonprofit health plan with more than a million members that serves communities in Minnesota, Nebraska, Wisconsin, Missouri, and beyond. We deliver personalized health care experiences and partner closely with providers to ensure members are genuinely cared for. We're a team that owns our work with accountability, makes data-driven decisions, embraces continuous learning, and celebrates collaboration — because success is a team sport. It's our mission to be there in the moments that matter most for our members and employees. Join us in creating a community of connected care, where coordinated, quality service is the norm and every member feels valued. Security is accountable for assisting in designing, building, testing and implementing security systems and solutions within Medica. As a Principal Security Consultant, you will evaluate current Medica systems and environments (on-prem and cloud), determine if they meet Medica security standards, and determine the necessary investments and activities needed to provide secure Medica IT environments. You will collaborate with internal teams and business stakeholders, and security architecture to create a sound future state architecture and capabilities related to security and information risk management. You will incorporate security design standards and patterns into evolving implementations and guide Medica’s strategic investments in IT security capabilities. As a trusted member of the cybersecurity team and industry community, the consultant works closely with internal technical teams, business units and external entities aligned with the business. Requires extensive knowledge of multiple cyber products and capabilities. Understands security practices, threat landscape, malware techniques, DLP, and Email Security, cloud security, Identity and Access Management, Security Operations, Threat and vulnerability management, endpoint protection, and security best practices.

Requirements

Bachelor’s degree or equivalent experience in a related field
10 years of work experience beyond degree

Nice To Haves

7+ years in IT with 3+ years of work as a Security Consultant or Security Architect
Demonstrated working knowledge of Information Security and IT Risk management capabilities
Demonstrated understanding of security protocols, cryptography, authentication, authorization
Demonstrated understanding and experience implementing Identity Management, multi-factor authentication, single sign on, and related technologies
Demonstrated experience in security applications and patterns in cloud platform providers such as Azure (preferred), AWS and GCP
Good working knowledge of current IT risks and implementing security solutions
Experience in creating and executing security tests, risks assessments
Strong written communication and presentation skills
Experience with Agile/Scrum methodology
Experience with Frameworks such as NIST, HITRUST, ISO27001, COBIT
Ability to explain technical security topics to those without security or technical background
Self-starter who can work independently
Coach / mentor other team members
Knowledge of Healthcare (Preferred)

Responsibilities

Consulting and Design Collaborate with partners and security architecture and provide security implementation plans for projects
Work with Product Owners, Scrum Masters, and Project Managers on work break down
Collaboration Collaborate with Internal Security teams on implementation
Work with teams on design and implementation issues
Process Improvement Recommend security improvements across security stack
Integrate with agile processes
Education and Awareness Cultivate a culture of security awareness, continuously educate medicate employees on security measures and ensure security policies are adhered to