• Collaborate with the engineering departments to implement security controls from approved security frameworks and drive best IT practices. • Interface with internal partner teams to help drive best practices and compliance. • Evaluate and perform Risk Assessments of new software solutions with internal partners. • Drive deployment of new systems/solutions as needed. • Write procedure documentation for end users as needed to facilitate process improvement. • Help develop IT security training content and drive completion of required security training in collaboration with Human Resources. • Respond to complex security questionnaires, RFP/RFI requests, and client audits. • Facilitate end-to-end evidence gathering for external audits, ensuring all technical and administrative artifacts align strictly with security control requirements and regulatory frameworks. • Evaluate, identify, and remediate the risks associated with current vendors, new vendor acquisitions, and consumer data exchanges. • Perform risk oversight tasks of vendor security compliance. • Help run internal, external and vendor related audits. • Conduct security analysis of deployed software. • Monitor for risks to the enterprise and to implemented controls. • Identify, maintain, and publish the requirements for the IT department to achieve compliance and privacy standards in SOC 2, HITRUST, FedRAMP, and other frameworks. • Work with the internal team in communicating related security notifications and IT controls within the organization while collaborating with teams and vendors on changes, remediations, and updates. • Experience with incident management Drive use cases to enable threat detection and hunting based on threat intelligence frameworks. • Experience with Agile and/or Kanban with emphasis on Scrum to drive continuous process improvement. • Perform Access Reviews.

Role Description Du analysierst und bekämpfst Cyber-Security-Angriffe und trägst maßgeblich zur Absicherung komplexer IT-Landschaften bei. - Du identifizierst, bewertest und priorisierst Sicherheitsereignisse und leitest daraus gezielte Maßnahmen ab. - Du untersuchst neue Angriffstechniken und entwickelst gemeinsam mit dem Team wirksame Abwehrstrategien. - Du verbesserst unsere Erkennungsmechanismen und optimierst unseren Service aktiv z.B. durch Automatisierungen und Incident Enrichment. - Du bist aktiv in der Kundenkommunikation und unterstützt unsere Kunden bei sicherheitsrelevanten Fragestellungen. - Du bist Teil der IT-Security-Community, behältst aktuelle Trends im Blick und bringst neue Impulse ins Team. Qualifications - Du hast bereits mindestens zwei Jahre aktiv in einem Security Operations Center oder BlueTeam Erfahrung gesammelt. - Du besitzt gute Kenntnisse im Bereich Endpoint Detection & Response und SIEM/SOAR Lösungen – Idealerweise im Microsoft Security Stack von Defender for Endpoint bis Microsoft Sentinel. - Du bleibst auch in angespannten Situationen gelassen und hilfst den Kunden schwierige Situationen durchzustehen. - Du arbeitest gerne im Team und bist nicht konfliktscheu. - Du gehst analytisch und strukturiert an neue Situationen heran und hast eine gute Auffassungsgabe. - Du bringst sehr gute Deutsch- und Englischkenntnisse in Wort und Schrift mit. Benefits - Ausstattung mit neuem, leistungsfähigem IT-Equipment inkl. Homeoffice-Equipment, Merchandise wie Rucksäcke/Laptoptaschen, Poloshirt und Funktionsjacke. - BAV, Berufsunfähigkeit, Gruppenunfallversicherung. - Betriebliches Gesundheitsmanagement (Jobrad, Coaching, benefit@work etc.). - 30 Tage und diverse Sondertage (z.B. Hochzeit, Geburt). - berufundfamilie zertifiziert, Kindergartenzuschuss. - Persönliche und berufliche Weiterentwicklung durch zahlreiche Personalentwicklungsformate (z.B. Mentoring, Collaboration Labs, Entwicklungspläne etc.). - Corporate Benefits & Pluxee-Card. Company Description Die Tätigkeit kann auch remote durchgeführt werden, idealerweise in der Nähe unserer Standorte, Nürnberg oder Köln. Die Tätigkeit ist unbefristet und in Vollzeit zu besetzen. Bei Proact leben wir #WinAsOne – denn wir sind überzeugt, dass Vielfalt, Chancengleichheit und eine respektvolle Zusammenarbeit die Grundlage für gemeinsamen Erfolg bilden. Daher begrüßen wir alle Bewerbungen, unabhängig von Herkunft, Geschlecht, Alter, Religion, Behinderung, sexueller Orientierung oder Geschlechtsidentität. Solltest du beim Bewerbungs- oder Interviewprozess Unterstützung benötigen, wende dich gerne an jobs@proact.de.

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description As a member of Premera’s Special Investigations Unit (SIU), the Investigator III leads complex investigations into allegations of external fraud, waste, and abuse (FWA). This role manages medium to high complexity cases from initiation through resolution, producing thorough, well-documented investigative reports that may be subject to legal discovery. The Investigator III conducts detailed analysis, collaborates closely with SIU colleagues, and balances multiple investigations simultaneously. In this role, you will also work to identify and recover improper payments resulting from fraudulent or misrepresentative billing, while ensuring all investigative activities comply with company policies, regulatory requirements, and applicable laws. - Analyze healthcare claim data and vet referrals to detect fraudulent activity and independently determine the most effective and efficient method of investigation for each individual case. - Perform investigative field work to include on-site office visits, record collection, and surveillance. - Interview suspects and witnesses. - Prepare cases, testify and give depositions to law enforcement and regulatory agencies for potential criminal prosecution. - Participate in settlement negotiations with attorneys and other responsible parties. - Perform root cause analysis of identified issues and prepare post-investigative reports directed towards the prevention of fraud. - Make recommendations for creating SIU policies, procedures, workflows and process improvements. - Develop and maintain collaborative and liaison relationships with Blue Cross Blue Shield Association (BCBSA), Blue Cross Blue Shield (BCBS) Plans, HHS OIG, other carriers' anti-fraud professionals, law enforcement and regulatory agencies. - May attend webinars and conferences like BCBSA, National Health Care Anti-Fraud Association (NHCAA), and Association of Certified Fraud Examiners (ACFE) to keep apprised of developments in health care fraud. Qualifications - Bachelor’s degree in business administration, health care administration, finance, accounting, nursing or criminal justice or (4) years of work experience in field of study. (Required) - (3) years of experience in fraud investigation, special investigation unit, or a related field. (Required) - Certified Professional Coder (CPC), Certified Fraud Examiner (CFE), or Accredited Health Care Fraud Investigator (AHFI). - Two (2) years of active experience in auditing and investigating in the healthcare industry. - Significant experience with relevant technology, such as background check systems, claims processing platforms, data mining, and fraud detection software. - Demonstrated knowledge of institutional and/or professional payment methodologies. - Strong understanding of health insurance reimbursement methodologies, including familiarity with International Classification of Diseases (ICD-10 CM), Current Procedural Terminology (CPT), and Healthcare Common Procedure Coding System (HCPCS). - Strong computer aptitude and experience with spreadsheet and database software, e.g., Excel, Access, Focus. - Demonstrated strong technical writing skills - ability to write reports and business correspondence and to prepare case files. - Ability to exercise a very high level of discretion when handling sensitive information. Benefits - Medical, vision, and dental coverage with low employee premiums. - Voluntary benefit offerings, including pet insurance for paw parents. - Life and disability insurance. - Retirement programs, including a 401K employer match and a pension plan that is vested after 3 years of service. - Wellness incentives with a wide range of mental well-being resources for you and your dependents, including counseling services, stress management programs, and mindfulness programs. - Generous paid time off to reenergize. - Tuition assistance for both undergraduate and graduate degrees. - Employee recognition program to celebrate anniversaries, team accomplishments, and more. - For our hybrid employees, our on-campus model provides flexibility to create your own routine with access to on-site resources, networking opportunities, and team engagement. - Commuter perks make your trip to work less impactful on the environment and your wallet. - Free convenient on-site parking. - Subsidized on-campus cafes make lunchtime connections with colleagues fun and affordable. - Participate in engaging on-site activities such as health and wellness events, coffee connects, disaster preparedness fairs and more. - Our complementary fitness & well-being center offers both in-person and virtual workouts and nutritional counseling. - Need a brain break? Challenge someone to a game of shuffleboard or ping pong while on campus.

• Monitor security tools including SIEM, endpoint detection platforms, cloud security services, and log management systems for alerts, anomalies, and suspicious activity across all environments • Review and assess security notifications in real time to identify potential threats • Perform initial triage and assessment of security incidents following established incident response procedures • Escalate incidents appropriately and coordinate technical response with cloud, infrastructure, and development teams • Collect and preserve forensic evidence as part of investigations • Document incident details, actions taken, root cause analysis, and lessons learned • Support ongoing improvements to security tooling and operational processes to reduce Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) • Assist in automation of repetitive security tasks using PowerShell or Python • Conduct routine vulnerability scanning across infrastructure and applications • Validate findings and communicate results to engineering and development teams for remediation • Track and report remediation progress • Coordinate cross-team communication during active security events • Participate in incident response and threat monitoring support, including after-hours • Communicate clearly and professionally with both technical and non-technical stakeholders