Horizon Blue Cross Blue Shield of New Jersey · 7 hours ago
Threat & Vulnerab Analyst II
Newark, NJ
Full-time
Onsite
Senior Level
$96K/yr - $132K/yr
5+ years expHorizon Blue Cross Blue Shield of New Jersey is a health solutions leader committed to improving healthcare quality and affordability. The Threat and Vulnerability Analyst II will work with the IT Division to identify and remediate vulnerabilities in the technical environment, develop scanning strategies, and collaborate with senior management on risk assessments.
Health Care
Responsibilities
Develop and enhance scanning strategies to ensure complete coverage of Horizons entire networked environment
Partner with senior leaders within the IT Division to categorize vulnerabilities based on severity and risk for exploitation, and to categorize assets by criticality
Partner with the IT Division to establish SLAs for the remediation of vulnerabilities based on the severity of the vulnerability and the criticality of the asset
Partner with the IT Division to track vulnerability remediation
Collaborate with IT leadership regarding false positive determination and exceptions processes
Converse with Senior Management at all levels as to the current state of risk posed by vulnerabilities in the Horizon environment and the proposed remediation of those vulnerabilities
Create, maintain and present weekly and monthly metrics, to various audiences
Create and modify processes/procedures as needed, such as those supporting vulnerability remediation and the processing of threat intelligence
Ensure appropriate controls are being executed and policies/standards are enforced to satisfy Audit requirements
Assist in building a threat hunting program by developing and documenting threat and response scenarios and use cases
Qualification
Required
High School Diploma/GED required
Bachelor degree preferred or relevant experience in lieu of degree
Minimum 5 years IT Security experience (3yrs of the 5 detecting and remediating vulnerabilities)
Requires one or more industry certifications: CISSP, GCTI or similar industry certification
Knowledge of how to employ various security methodologies (Cyber-Kill-Chain, Defense-in-Depth, etc) in a security program
Knowledge of Patch Management and Vulnerability Management, and the difference in processes needed to remediate vulnerabilities
A deep understanding of IOCs, threat hunting, and APTs, cyber-crime and associated tools, tactics and procedures
Excellent knowledge of IT and computer systems
Experience working with operating systems (Windows,
ix, and Mac)
Experience working with a vulnerability scanning application (Nexpose, Nessus, Qualys)
Experience working with IT teams to prioritize both vulnerabilities and systems so that the most critical vulnerabilities are removed from the most critical systems in a short time span
Identifying the most critical systems
Classifying vulnerabilities by CVSS score
Experience preparing & presenting metrics to all levels in an organization
The use of various visualization techniques, and understanding where/when appropriate
The appropriate level of detail for the intended audience
The use of tools, such as MS-PowerPoint, Visio, etc
Experience in developing and modifying security policies, standards and processes
Defining the need for a new/changed process
Documenting the process flow using a tool such as Visio
Working with other teams to implement
Establishing SLAs to determine effectiveness
Experience identifying system vulnerabilities and working with appropriate teams to remediate them
Experience defining Operating System Baseline Configuration standards, including mapping to standards such as the Center for Internet Security (CIS) Critical Security Controls
Scanning, and working with appropriate teams to remediate
Experience working with Internal and External Auditors to ensure that documented controls / policies/ and standards are being adhered to
Experience utilizing various threat intelligence collection and reporting applications and sources such as ThreatStream, NH-ISAC, NJCCIC
Experience negotiating with teams regarding operational processes and procedures, including false positives, remediation exceptions, SLA extensions, etc
Ability to work in a large corporate environment as well as some experience analyzing emerging threats and emerging risks is important
Requires exceptional analytical thinking skills or analytical and problem solving skills
Requires excellent verbal and written communication skills
Requires excellent interpersonal skills and the ability to work effectively with others as a team
Requires excellent PC skills and demonstrated proficiency with MS Office Suite
Requires the ability to handle multiple tasks and prioritize effectively
Detail oriented and excellent organizational, time and stress management skills
Ability to work well individually as well as in a team environment
Self-starter with demonstrated ability to make decisions as necessary, escalating when appropriate, and ensuring that there is communication to all teams
Benefits
Comprehensive health benefits (Medical/Dental/Vision)
Retirement Plans
Generous PTO
Incentive Plans
Wellness Programs
Paid Volunteer Time Off
Tuition Reimbursement
Company
Horizon Blue Cross Blue Shield of New Jersey
Horizon Blue Cross Blue Shield of New Jersey is a company that provides health insurance products.
5001-10000 employees
H1B Sponsorship
Horizon Blue Cross Blue Shield of New Jersey has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (7)
2024 (7)
2023 (6)
2021 (1)
Funding
Current Stage
Late StageLeadership Team
Gary St. Hilaire
President & Chief Executive Officer
Recent News
2025-12-29
2025-12-25
Company data provided by crunchbase