×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security Data Security Systems Engineer

Sr Information Security Analyst; Cloud​/Enterprise Security - Hybrid; PA​/NJ​/DE

Job in Philadelphia, Philadelphia County, Pennsylvania, 19117, USA
Listing for: Independence Blue Cross, LLC
Full Time position
Listed on 2026-03-03
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Data Security, Systems Engineer
Job Description & How to Apply Below
Position: Sr Information Security Analyst (Cloud/Enterprise Security) - Hybrid (PA/NJ/DE)
We are seeking a passionate, adaptable Information Security Analyst who will serve as a subject matter expert (SME) for business areas and technical teams, and act as the customer interface for the Information Security Operations function. You will strengthen our security posture by evaluating, testing, documenting, and operationalizing security solutions and controls across on?premises and cloud environments (Azure, AWS, Google Cloud Platform)-while enabling the business to innovate securely.

Continuous learning is a requirement to stay ahead of adversaries. This includes tracking modern attack techniques, and applying rigor to protect confidentiality, integrity, and availability of valued information assets. Expect close collaboration with audit/exam teams, technology management, and business stakeholders, plus meaningful contributions to incident preparedness and response.

Key Responsibilities:

Cloud & Enterprise Security (SME)
  • Serve as SME on security fundamentals, techniques, and technologies across Azure, AWS, Google Cloud Platform, and on?prem environments.
  • Guide cloud security architecture: IAM, encryption/key management, network controls, data protection, workload hardening.
  • Implement process improvements aligned to security frameworks (NIST CSF/800?53, ISO 27001) and business needs; optimize technology to improve customer experience.
Security Operations & Incident Response
  • Implement and monitor controls for unusual and suspicious activity across endpoints, networks, and cloud platforms.
  • Perform advanced monitoring, data/log analysis, threat hunting, and forensic investigations; contribute to SOC/IR workflows.
  • Plan, contribute to, and participate in incident plan exercises and tabletop scenarios.
Governance, Risk & Compliance (GRC)
  • Draft or revise local policies, standards, guidelines, and procedures to supplement enterprise frameworks; identify and remediate gaps based upon NIST standards.
  • Interface with internal/external auditors and examiners; maintain vendor management standards, questionnaires, and regulatory documentation (HITRUST, PCI, NIST, HIPAA, SOC2).
  • Review contracts and provide security guidance; support project scoping, costing, and cost-benefit analyses.
Stakeholder Engagement & Communication
  • Act as a liaison for the security team; clearly communicate business risk as it relates to information security.
  • Create technical documentation (reports, white papers, technical notes, implementation/configuration guides).
  • Use visual aids to convey complex topics to large, diverse audiences; communicate clearly in high?pressure, high?visibility situations.
Continuous Improvement
  • Recommend new security solutions and improvements that do not impede innovation.
  • Stay current with the evolving threat landscape; consistently learn and grow to remain a step ahead of attackers.
Technical Expertise

Cloud Security (Azure, AWS, Google Cloud Platform)
  • Azure:
    Defender for Cloud, Microsoft Sentinel, Entra  (Azure AD), Conditional Access, Key Vault, NSGs/Azure Firewall, storage encryption, Defender for Endpoint integration.
  • AWS: IAM roles/policies, Security Hub, Guard Duty, KMS, Cloud Trail/Cloud Watch, VPC security controls, AWS WAF, Secrets Manager.
  • Google Cloud Platform: IAM, Security Command Center, Cloud Audit Logs, VPC Service Controls, CMEK/KMS, Cloud Armor, Workload Identity; container security (GKE).
Additional Technologies
  • Operating Systems:
    Linux, Windows Server, Windows Desktop; hardening, patching, CIS Benchmarks.
  • Forensics & eDiscovery:
    Symantec, Purview, Proofpoint; email/file discovery; incident response.
  • Network & Perimeter:
    Palo Alto firewalls, URL filtering, DNS blackhole/geo?filtering, Wild Fire; F5 AWAF.
  • SIEM & Logging: MS Sentinel, MDE, Elastic;
    Endpoint management/log forwarding. Microsoft Data Lake, CRIBL
  • Vulnerability & App Sec:
    Qualys, Nexus

    IQ; OWASP?aligned testing and remediation.
  • Endpoint:
    Microsoft Defender, Microsoft ATP/Defender for Endpoint.
  • Identity & MFA:
    Okta, Microsoft (Entra ).
  • Core Services: DNS zone management; network micro?segmentation; zero trust?aligned controls.
  • Secure Productivity:
    Securing Microsoft 365 (Exchange Online, SharePoint/One Drive, Teams, Purview).
Qualifications:

Required…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search