GEHA

GEHA (Government Employees Health Association, Inc., pronounced G.E.H.A.) is a nonprofit member association that provides medical and dental benefits to more than two million federal employees and retirees, military retirees and their families. We celebrate diversity and are committed to creating an inclusive environment for all employees.

GEHA has one mission: To empower federal workers to be healthy and well.

Offering one of the largest medical and dental benefit provider networks available to federal employees in the United States, GEHA empowers health and wellness by meeting its members where they are, when they need care. We serve our members with products they value and a personalized customer experience, sustained by a nimble and efficient organization. 

Create and provide solutions within a variety of computing infrastructures and public and private Cloud computing technologies. Conduct evaluations of technology standards, tools, products, and solutions, make rational design decisions from business and technical perspectives and communicate recommendations. Define guidelines and recommendations based on leading industry practices tailored to GEHA’s needs and infrastructure. Maintain responsibility for defining the technical strategy of a system, work closely with all stakeholders to vet technology decisions that support product capabilities now and for the future and guide it successfully through its execution.

SKILLS

• Maintain in-depth knowledge of GEHA strategic business plans.
• Provide architectural consulting expertise, direction and assistance to systems analysts, IT cloud engineers and other system engineers.
• Document and develop in-depth knowledge of GEHA existing architecture/infrastructure and technology portfolio.
• Develop, document, communicate and enforce cloud technology standard policies.
• Conduct research on emerging cloud technologies in support of infrastructure, development efforts and recommend technologies that will increase cost effectiveness and infrastructure flexibility.
• Make recommendations about platform and technology adoption, including development frameworks, languages, libraries, and DevOps and CI/CD tooling for web, client-server and mobile applications.
• Design, develop and oversee the implementation of end-to-end IT cloud integrated systems.
• Evaluates existing applications and systems. Recommends improvements or modifications.
• Acts as technical mentor for members of the IT team, providing input and feedback to others. Review Business Requirements Documentation, Technical Design Documentation and participate in peer review cycles with technical & non-technical counterparts.
• Assign tasks to the appropriate technical resource within the team; follow up on assigned tasks to ensure adherence to proposal internal and delivery milestones.
• Other duties as assigned.
• Bachelor of Arts or Bachelor of Science degree in Computer Science, Computer Engineering, Information Systems or Systems Engineering is preferred.
• Requires four - five years of experience in a technical consulting, solution architect, or systems engineering role which includes experience with building large-scale architecture solutions, including security concerns, high availability methods, multiple platforms, hardware considerations, network design, monitoring solutions, virtualization, performance, capacity planning, and information management practices.
• Requires experience in design, implementation, and/or support of highly distributed applications (i.e. having an architectural sense for ensuring availability, reliability, etc.)
• Experience with building, delivering, and managing Cloud IaaS environments using IaaS platforms, including AWS, Azure, Rackspace, or VMware.
• Experience with conducting proof-of-concept, developing prototyping, and building reference models.
• Excellent understanding of multi-tier architecture: web servers, caching, application server, load balancers and storage.
• Knowledge of message queuing and Enterprise Service Bus (ESB) architectures.
• Experience with route table, access control list, firewalls, NAT, HTTP, DNS, IP and OSI Network.
• Experience in DevOps including the design and automation of Infrastructure as a Service and Platform as a Service capabilities including virtual networks, virtual machines, cloud services, web services, data services and IoT services.
• Experience with data integration, relational databases, and SQL
• Knowledge of development methodologies and more than one of the following languages: Java, .NET C#, PHP, and JavaScript.
• Ability to display a demonstrated track record in building and setting architecture strategies
• Mentors junior developers, conducts code reviews and acts as a resource to others to resolve complex problems.
• Works under minimal supervision with wide latitude for independent judgment.

Summary

This position is responsible for assisting the Enterprise Architecture and Cybersecurity and Information Protection (CIP) teams and ensuring the secure design, planning, development, implementation and maintenance of GEHA’s information systems. Works closely with management and business partners and stakeholders to ensure security architecture and controls align with GEHA’s business strategy, risk profile, risk appetite and regulatory compliance and contractual obligations. Provides consulting, input and direction on information security related policies, procedures and controls. Provides technical consulting relative to security on complex organizational projects. Maintains an understanding of industry trends and current best practices regarding security related technologies, security architectural principles, and emerging threats. Provides security threat and risk management consultation and incident response support.

Duties and Responsibilities:

• Utilizes and provides guidance on security related functions and solutions including, but not limited to, firewalls, intrusion detection systems, multifactor authentication systems, antivirus and malware systems, secure email gateway appliances, web filtering proxy, security information and event management (SIEM) platforms, data-loss prevention (DLP), vulnerability detection, content filtering and identity and access management.
• Defines firewall policy standards and provides guidance on the creation of new rules and/or changes to existing rules.
• Improves threat detection and monitoring capabilities by automating IOC ingestion with platforms (e.g., MineMeld and Phantom), and assists with improving network monitoring capabilities and setting long-term strategy.
• Works with applicable teams to ensures all security systems are logging to the SIEM and the data is properly integrated into correlation rules and alerts. Assists with defining strategy and improvements to the SIEM and intelligence sharing capabilities between security platforms.
• Assists with long-term strategic planning of security architecture, policies, procedures, controls and monitoring across the entire GEHA network and cloud footprint.
• Collaborates with other teams as necessary to improve the security posture of all devices, leads continuous improvement of firewall capabilities and policies, and assists with endpoint protection enhancements.
• Sets standards for server, workstation and network device configuration hardening around the perimeter and across internal networks. Stays up to date on the latest attack methodologies and leads proactive mitigation and monitoring efforts in response to new developments.
• Assists the security team with continuous improvement of SOC duties, trains team on how to utilize new monitoring, assists with the development of response playbooks, and assists with tabletop training exercises.
• Supports security incident response including collection of evidence, analysis, and resolution efforts.
• Participates in internal and external audit support activities. Performs activities to resolve open audit issues.
• Assists with preliminary forensic evaluations of internal systems
• Participates in the organization’s disaster recovery and business continuity efforts including preparation and maintenance of plans, risk assessment, and testing. Assists with the identification and classification of information assets.
• Creates and maintains security documentation in support of team responsibilities, including but not limited to security architecture, business continuity, security assessments, vulnerability management, remediation activities, procedures, training, and metrics. Prepares ad-hoc reports in support of various initiatives.
• Supports management efforts to deliver a secure information processing environment for the organization. Participates in the organization’s SDLC and project management process to identify potential security concerns and control issues.
• Analyzes the information systems to ensure that appropriate security functions have been included in the systems design and architecture
• Influence technology teams to follow secure architecture and design principles
• Coordinate in selecting and supporting tools used to support secure design processes, control implementation and testing security measures

Work-at-home requirements

• Must have the ability to provide a non-cellular High Speed Internet Service such as Fiber, DSL, or cable Modems for a home office.
• A minimum standard speed for optimal performance of 30x5 (30mpbs download x 5mpbs upload) is required.
• Latency (ping) response time lower than 80 ms
• Hotspots, satellite and wireless internet service is NOT allowed for this role.
• A dedicated space lacking ongoing interruptions to protect member PHI / HIPAA information

How we value you

• Competitive pay/salary ranges
• Incentive plan
• Health/Vision/Dental benefits effective day one
• 401(k) retirement plan: company match – dollar for dollar up to 4% employee contribution (pretax or Roth options) plus a 6% annual company contribution 
• Robust employee well-being program
• Paid Time Off
• Personal Community Enrichment Time
• Company-provided Basic Life and AD&D
• Company-provided Short-Term & Long-Term Disability
• Tuition Assistance Program

Please note that the salary information is a general guideline only. GEHA considers factors such as (but not limited to) scope and responsibilities of the position, candidate’s work experience, education/training, key skills, internal peer equity, as well as, market and business considerations when extending an offer.

The annual base salary range for this position is $116,200 - $163,800 USD.

GEHA is an Equal Opportunity Employer, which means we will not discriminate against any individual based on sex, race, color, national origin, disability, religion, age, military status, genetic information, veteran status, pregnancy, marital status, gender identity, and sexual orientation, as well as all other characteristics and qualities protected by federal, state, or local law. GEHA will not discriminate against employees or applicants because they have inquired about, discussed, or disclosed their compensation or the compensation of another employee or applicant. We are committed to creating an inclusive environment for all employees. Our diversity drives innovation deepens connections and strengthens our organization.

GEHA is headquartered in Lee's Summit, Missouri, in the Kansas City area. We recognize the importance of balance and flexibility and offer hybrid and work-from-home options for many of our roles.