Information Security Engineer
Valhalla, New York
Employer: USI Holdings Corporation
Industry:
Salary: Competitive
Job type: Full-Time
The Information Security Engineer's daily duties include operational design and support of the Security Event and Information Systems along with various other security services. The engineer will design and automate delivery of the weekly, monthly, and quarterly metrics reports. The engineer will also have the opportunity to manage all phases of security tools development and testing; implements, manages security tools, including configuration management and change control.
Responsibilities
• Provide architectural, operational, and engineering support for critical security application systems and services including SIEM, Data leakage prevention, content filtering, firewall compliance, vulnerability, and security event management.
• Proactively maintain, monitor, and improve our security applications with timely incident detection and response.
• Continuously develop rules for security services (i.e., SIEM, UEBA, SOAR, DLP, CASB, etc.) by reviewing and analyzing collected security log information from the Security Event and Information System and UEBA to protect computer networks and databases from unauthorized access.
• Deploy, configure, and maintain the Exabeam SOAR platform to align with organizational security requirements. Customize playbooks, workflows, and integrations to enhance security operations.
• Responsible for the analyzing, designing, installing, configuring, maintaining, and repairing of security infrastructure and application components. Ensuring overall technical capabilities, stability, and performance. Provide direction, recommendations, design, and implementation for security enhancements.
• Ensure information network security design, plans, controls, processes, standards, policies, and procedures are aligned with generally accepted IT security practice and standards and the overall IT security approach of our primary technology partners.
• Partner with infrastructure and app/dev teams to design, deliver and maintain highly available, application systems and services.
• Contribute to project plans, author security engineering level documentation, and develop detailed test plans.
• Participate in IT Security assessments, risk analysis, reporting and Incident Lesson's Learned takeaway actions for improvements.
• Design and conduct penetration & vulnerability testing to identify potential vulnerabilities in computer systems.
• Weekly review, identification and reporting of health and operational status of the various security services:
• Participate in security vulnerability scanning service/control-based process assessments (e.g., Change Management, Release Management, etc.), to include evaluation of supporting documentation, evidence, and alternative controls.
• Participate in training of security best practices to other staff members to raise awareness about security risks.
• Other duties as assigned.
Knowledge, Skills and Abilities
Education: Bachelor's Degree in Management Information Systems, Network Security, Computer Science or related.
Security Certifications Preferred: GSEC: GIAC Security Essentials, GISG: GIAC Information Security Fundamentals; ISC2: CISSP, Vendor specific certifications.
Familiar with governance and compliance concepts, practices, and procedures, which includes but is not limited to HIPAA, PCI-DSS, ISO, NIST, SOX, GDPR, Privacy Laws.
Ability to communicate effectively in both written and verbal forms with various levels of staff, including other analysts, managers, and employees.
Information security engineer must have critical thinking skills to make decisions about how to protect USI's information. Determining the best security measures to take and the most effective ways to implement them.
Experience
• 5+ years' experience as an analyst in Information Security in a corporate IT department/NOC/SOC
• Previous experience monitoring, analyzing, and escalating, Security incidents from multiple sources.
• Ability to effectively communicate in a technical team environment.
• 5+ years of experience with security products, such as SEIM, IPS, IDS.
• Previous experience developing reports to IT leadership.
#LI-JM4
#LI-Remote
USI is committed to providing a full-suite of competitive benefits for our growing population and its diverse needs. We offer a wide range of health, welfare and financial benefits including medical, wellness, dental and vision, 401(k), flexible spending and health savings accounts, short and long-term disability, life insurance and other unique employer-sponsored and voluntary programs. USI also offers a generous paid time off policy, paid family leave benefit as well as paid holiday time.
Salary Range: $100,000-$115,000. This is a bonus eligible position with a target incentive of 15%.
Job ID:
28273
Responsibilities
• Provide architectural, operational, and engineering support for critical security application systems and services including SIEM, Data leakage prevention, content filtering, firewall compliance, vulnerability, and security event management.
• Proactively maintain, monitor, and improve our security applications with timely incident detection and response.
• Continuously develop rules for security services (i.e., SIEM, UEBA, SOAR, DLP, CASB, etc.) by reviewing and analyzing collected security log information from the Security Event and Information System and UEBA to protect computer networks and databases from unauthorized access.
• Deploy, configure, and maintain the Exabeam SOAR platform to align with organizational security requirements. Customize playbooks, workflows, and integrations to enhance security operations.
• Responsible for the analyzing, designing, installing, configuring, maintaining, and repairing of security infrastructure and application components. Ensuring overall technical capabilities, stability, and performance. Provide direction, recommendations, design, and implementation for security enhancements.
• Ensure information network security design, plans, controls, processes, standards, policies, and procedures are aligned with generally accepted IT security practice and standards and the overall IT security approach of our primary technology partners.
• Partner with infrastructure and app/dev teams to design, deliver and maintain highly available, application systems and services.
• Contribute to project plans, author security engineering level documentation, and develop detailed test plans.
• Participate in IT Security assessments, risk analysis, reporting and Incident Lesson's Learned takeaway actions for improvements.
• Design and conduct penetration & vulnerability testing to identify potential vulnerabilities in computer systems.
• Weekly review, identification and reporting of health and operational status of the various security services:
• Participate in security vulnerability scanning service/control-based process assessments (e.g., Change Management, Release Management, etc.), to include evaluation of supporting documentation, evidence, and alternative controls.
• Participate in training of security best practices to other staff members to raise awareness about security risks.
• Other duties as assigned.
Knowledge, Skills and Abilities
Education: Bachelor's Degree in Management Information Systems, Network Security, Computer Science or related.
Security Certifications Preferred: GSEC: GIAC Security Essentials, GISG: GIAC Information Security Fundamentals; ISC2: CISSP, Vendor specific certifications.
Familiar with governance and compliance concepts, practices, and procedures, which includes but is not limited to HIPAA, PCI-DSS, ISO, NIST, SOX, GDPR, Privacy Laws.
Ability to communicate effectively in both written and verbal forms with various levels of staff, including other analysts, managers, and employees.
Information security engineer must have critical thinking skills to make decisions about how to protect USI's information. Determining the best security measures to take and the most effective ways to implement them.
Experience
• 5+ years' experience as an analyst in Information Security in a corporate IT department/NOC/SOC
• Previous experience monitoring, analyzing, and escalating, Security incidents from multiple sources.
• Ability to effectively communicate in a technical team environment.
• 5+ years of experience with security products, such as SEIM, IPS, IDS.
• Previous experience developing reports to IT leadership.
#LI-JM4
#LI-Remote
USI is committed to providing a full-suite of competitive benefits for our growing population and its diverse needs. We offer a wide range of health, welfare and financial benefits including medical, wellness, dental and vision, 401(k), flexible spending and health savings accounts, short and long-term disability, life insurance and other unique employer-sponsored and voluntary programs. USI also offers a generous paid time off policy, paid family leave benefit as well as paid holiday time.
Salary Range: $100,000-$115,000. This is a bonus eligible position with a target incentive of 15%.
Job ID:
28273
Created: 2024-09-27
Reference: 28273
Country: United States
State: New York
City: Valhalla
Similar jobs:
-
Security Engineer, Maximum Application Security Team (MAST)
Amazon in New York, New York💸 $136000 per year -
Network and Security Engineer
Marist College in Poughkeepsie, New York💸 $80000 - $80000 per year -
Security Engineer II, Application Security Automation
Amazon in New York, New York💸 $136000 per year -
Senior Application and Infrastructure Security Engineer
StateJobsNY in New York, New York -
Security Engineer II, Application Security
Amazon in New York, New York💸 $136000 per year -
Specialist Cyber Security Engineer Operations Technology
Metropolitan Transportation Authority in New York, New York💸 $118404 - $139755 per year -
Product Security Engineer
News Corp. Class A in New York, New York -
IT Security Engineer
MetroPlusHealth in New York, New York -
Software Development Engineer III, Devices \u0026 Services Security
Amazon in New York, New York💸 $151300 per year -
Senior Security Engineer, AWS Proactive Security
Amazon in New York, New York💸 $143300 per year -
Lead Security Engineer
Insight Global in New York, New York -
IT Security Engineer
NYC Health Hospitals in New York, New York -
Security Engineer II, AppSec Testing and Intelligence Automation
Amazon in New York, New York💸 $136000 per year -
(General Hire) Cybersecurity Engineering Intern (Security & Privacy, USDS)- 2025 Summer (BS/MS)
TikTok in New York, New York -
Offensive Security Engineer (Security Posture Validation) - Offensive Security Operations - USDS
TikTok in New York, New York -
Cloud Network Security Engineer
SAIC in Remote Work, New York💸 $120001 - $160000. per year -
Tech Lead, Product Security Engineering
Google in New York, New York -
Security Engineer
Lawrence Harvey in New York, New York -
Security Engineer, Application Security Automation
Amazon in New York, New York💸 $136000 per year -
Information Security Systems Engineer
L-3 Technologies in Rochester, New York