Cybersecurity Threat & Vulnerability Analyst

Posted Yesterday
Hiring Remotely in Newark, NJ, USA
In-Office or Remote
98K-133K Annually
Senior level
Healthtech • Insurance
The Role
Perform internal and external vulnerability assessments, manage scanning programs, prioritize and track remediation with EBTS teams, produce metrics and executive reports, support threat intelligence and threat hunting, maintain policies and ensure controls meet audit and regulatory requirements.
Summary Generated by Built In

Horizon Blue Cross Blue Shield of New Jersey empowers our members to achieve their best health.  For over 90 years, we have been New Jersey’s health solutions leader driving innovations that improve health care quality, affordability, and member experience.  Our members are our neighbors, our friends, and our families.  It is this understanding that drives us to better serve and care for the 3.5 million people who place their trust in us. We pride ourselves on our best-in-class employees and strive to maintain an innovative and inclusive environment that allows them to thrive. When our employees bring their best and succeed, the Company succeeds. 

About the Role

This role works closely with the Enterprise Business and Technology Solutions (EBTS) Division to develop, implement, and enhance processes that identify, assess, and remediate vulnerabilities across Horizon’s technology environment. The analyst is responsible for performing internal and external vulnerability assessments, managing vulnerability scanning programs, establishing security standards, and evaluating exceptions and false-positive findings.
The position plays a key role in reducing organizational risk by partnering with technology teams to prioritize and remediate vulnerabilities, developing long-term security solutions, and supporting threat intelligence and threat hunting initiatives. The incumbent will stay current on emerging threats, industry standards, and security trends, providing regular updates and recommendations to leadership regarding risks requiring remediation.

What You'll Do

  • Develop and enhance vulnerability scanning strategies to ensure comprehensive coverage across Horizon’s enterprise environment.

  • Conduct internal and external vulnerability assessments and validate scan results.

  • Apply established vulnerability management standards to classify vulnerabilities based on severity, exploitability, and business risk.

  • Categorize and prioritize assets according to criticality and organizational impact.

  • Partner with EBTS teams to develop and execute vulnerability remediation plans in accordance with established service level agreements (SLAs).

  • Track and report remediation activities to ensure timely resolution of identified vulnerabilities.

  • Analyze emerging cyber threats and assess potential impacts to Horizon’s technology environment.

  • Communicate current risk exposure, remediation efforts, and security recommendations to senior leadership and key stakeholders.

  • Develop, maintain, and present weekly and monthly vulnerability management metrics and executive reports.

  • Create, update, and maintain policies, standards, procedures, and process documentation related to vulnerability management and threat intelligence operations.

  • Ensure security controls, policies, and standards are operating effectively to satisfy audit and regulatory requirements.

  • Assist in the development and maturation of a threat hunting program by documenting threat scenarios, response playbooks, and use cases.

  • Collaborate with internal teams to investigate, validate, and resolve vulnerability findings, false positives, and remediation exceptions.

  • Support continuous improvement initiatives aimed at strengthening the organization’s overall cybersecurity posture

What You Bring

Education/Experience:

  • High School Diploma or GED required.

  • Bachelor's degree in Information Security, Cybersecurity, Computer Science, Information Technology, or a related field preferred.

  • Relevant experience may be considered in lieu of a degree.

Experience:
  • Minimum of five (5) years of Information Security experience required.

  • At least three (3) years of experience focused on vulnerability identification, assessment, and remediation.

  • Experience working within a large enterprise environment preferred.

  • Experience supporting security audits, regulatory compliance reviews, and risk management programs preferred.

Certifications:
  • One or more of the following certifications is required or strongly preferred:

  • CISSP (Certified Information Systems Security Professional)

  • GCTI (GIAC Cyber Threat Intelligence)

  • GIAC certifications

  • CompTIA Security+

  • Certified Ethical Hacker (CEH)

Knowledge:
  • Strong understanding of cybersecurity frameworks and methodologies, including Cyber Kill Chain, Defense-in-Depth, and related security models.

  • Comprehensive knowledge of vulnerability management and patch management processes and their respective remediation approaches.

  • Deep understanding of indicators of compromise (IOCs), advanced persistent threats (APTs), cybercrime techniques, and attacker tactics, techniques, and procedures (TTPs).

  • Knowledge of operating systems including Windows, Linux/Unix, and macOS.

  • Experience with vulnerability management platforms such as Nessus, Qualys, InsightVM (Nexpose), or similar solutions.

  • Knowledge of Center for Internet Security (CIS) benchmarks and Critical Security Controls.

  • Familiarity with threat intelligence platforms and sources such as Recorded Future, ThreatConnect/ThreatStream, H-ISAC, NJCCIC, and similar resources.

  • Understanding of audit, regulatory, and compliance requirements related to cybersecurity programs.

Skills & Abilities:
  • Proven ability to prioritize vulnerabilities and systems based on risk, asset criticality, and business impact.

  • Experience utilizing CVSS scoring and risk-based vulnerability management methodologies.

  • Strong analytical, investigative, and problem-solving skills.

  • Excellent verbal and written communication skills, including the ability to present technical information to both technical and non-technical audiences.

  • Experience creating executive-level dashboards, scorecards, and presentations using tools such as Microsoft PowerPoint, Visio, and Excel.

  • Experience developing and documenting security processes, standards, and procedures.

  • Ability to facilitate cross-functional collaboration and drive vulnerability remediation efforts across multiple teams.

  • Experience negotiating remediation plans, exception requests, SLA extensions, and false-positive determinations.

  • Strong project management, organizational, and time-management skills.

  • Ability to manage multiple priorities in a fast-paced environment.

  • Demonstrated attention to detail and commitment to operational excellence.

  • Self-motivated and capable of working independently while maintaining effective communication with stakeholders.

  • Strong interpersonal skills with the ability to build partnerships and influence outcomes across the organization.

Why Horizon?

At Horizon, you’ll do meaningful work that directly improves lives—while being supported by a mission‑driven organization that values expertise, collaboration, and growth.  We believe that when our people thrive, our communities do too.  If you are passionate about making an impact, we’d love to hear from you!

Salary Range:

$97,800 - $133,455

​This compensation range is specific to the job level and takes into account the wide range of factors that are considered in making compensation decisions, including but not limited to: education, experience, licensure, certifications, geographic location, and internal equity.  This range has been created in good faith based on information known to Horizon at the time of posting.  Compensation decisions are dependent on the circumstances of each case. Horizon also provides a comprehensive compensation and benefits package which includes:

  • Comprehensive health benefits (Medical/Dental/Vision)

  • Retirement Plans

  • Generous PTO

  • Incentive Plans

  • Wellness Programs

  • Paid Volunteer Time Off

  • Tuition Reimbursement

Disclaimer:

Horizon BCBSNJ employees must live in New Jersey, New York, Pennsylvania, Connecticut or Delaware. This job summary has been designed to indicate the general nature and level of work performed by colleagues within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of colleagues assigned to this job.

Horizon Blue Cross Blue Shield of New Jersey is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, protected veteran status or status as an individual with a disability and any other protected class as required by federal, state or local law.  Horizon will consider reasonable accommodation requests as part of the recruiting and hiring process.

Skills Required

  • High School Diploma or GED
  • Bachelor's degree in Information Security, Cybersecurity, Computer Science, IT, or related field
  • Minimum of five (5) years of Information Security experience
  • At least three (3) years focused on vulnerability identification, assessment, and remediation
  • Experience with vulnerability management platforms (Nessus, Qualys, InsightVM/Nexpose)
  • Knowledge of operating systems: Windows, Linux/Unix, macOS
  • One or more certifications: CISSP, GCTI, GIAC, CompTIA Security+, CEH
  • Experience utilizing CVSS scoring and risk-based vulnerability management methodologies
  • Strong understanding of cybersecurity frameworks and methodologies (Cyber Kill Chain, Defense-in-Depth)
  • Experience creating executive-level dashboards, scorecards, and presentations using PowerPoint, Visio, and Excel
  • Experience working within a large enterprise environment
  • Experience supporting security audits, regulatory compliance reviews, and risk management programs

Horizon Blue Cross Blue Shield of New Jersey Compensation & Benefits Highlights

The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Horizon Blue Cross Blue Shield of New Jersey and has not been reviewed or approved by Horizon Blue Cross Blue Shield of New Jersey.

  • Leave & Time Off Breadth PTO is characterized as generous, with ample days off and holidays enhancing the overall package. This breadth of time away supports a favorable view of total rewards.
  • Flexible Benefits Remote and hybrid options are available in multiple functions and are cited as a meaningful perk. Flexibility in where work is performed contributes to overall satisfaction with rewards.
  • Retirement Support The 401(k) match is considered decent to good. Retirement offerings are viewed as a solid component of the total package.

Horizon Blue Cross Blue Shield of New Jersey Insights

Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: Newark, NJ
4,974 Employees
Year Founded: 1932

What We Do

Horizon Blue Cross Blue Shield of New Jersey- the state’s largest and oldest health insurer - is a subsidiary of Horizon Mutual Holdings, Inc., a not-for-profit mutual holding company. Together with its affiliates, Horizon provides a wide array of medical, dental, vision and prescription insurance products and services. As New Jersey’ health solutions leader, Horizon is transforming healthcare by working with doctors and hospitals to deliver innovative, patient-centered programs that improve quality and lower costs. It is headquartered in Newark, NJ with offices in Wall and Hopewell, NJ. Horizon serves 3.7 million members including more than 1 million who rely on Medicaid for their health coverage.

Similar Jobs

Motive Logo Motive

Senior Analyst, Strategic Analytics

Artificial Intelligence • Fintech • Hardware • Information Technology • Sales • Software • Transportation
Easy Apply
Remote
United States
4000 Employees
148K-185K Annually

HopSkipDrive Logo HopSkipDrive

Senior Counsel

Automotive • Edtech • Kids + Family • Mobile • Social Impact • Transportation
Easy Apply
Remote
USA
450 Employees
178K-200K Annually

CrowdStrike Logo CrowdStrike

Sr. AI Agent Developer (Remote)

Cloud • Computer Vision • Information Technology • Sales • Security • Cybersecurity
Remote or Hybrid
USA
10000 Employees
140K-215K Annually

Circle (circle.so) Logo Circle (circle.so)

Senior Full-stack Engineer

Artificial Intelligence • Consumer Web • Digital Media • Information Technology • Social Impact • Software
Easy Apply
Remote
31 Locations
250 Employees
130K-140K Annually

Similar Companies Hiring

Sailor Health Thumbnail
Healthtech • Social Impact • Telehealth
New York City, NY
20 Employees
Granted Thumbnail
Mobile • Insurance • Healthtech • Financial Services • Artificial Intelligence
New York, New York
23 Employees
OneImaging Thumbnail
Healthtech
Miami, FL
62 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account