Information Security Officer

Description

PURPOSE: 

This is an ideal opportunity to work at a growing organization with a strong family culture. Shepherd Insurance is a privately-owned insurance agency that has delivered risk management solutions since 1977. With a wide variety of insurance and financial products, we are among the largest independent agencies in the country. 

As an Information Security Officer within the Shepherd family and IT team, you will be responsible for the management of IT risk. 

RESPONSIBILITIES: 

• Develop, implement, and monitor a comprehensive enterprise information security and IT risk management program.
• Assist with overall business technology planning, providing current knowledge and future vision of technology and systems.
• Monitor for potential system breaches, respond to alerts from information security tools, and investigate and resolve security incidents. 
• Serve as direct point of contact for security organization as well as provide leadership on efforts.
• Maintain and yearly review all information security policies, including Acceptable Use Policy, Access Management Policy, Incident Response Plan, and Security Awareness Policy.
• Design, build, and adapt security solutions to meet evolving needs of internal and external customers.
• Lead cyber security efforts and implementation for upcoming and current acquisitions implementation to agency platform.
• Ensure best practices and compliance by leading and advising projects to remediate gaps.
• Manage the Security Awareness Training platform and ensure all employees complete required training.
• Serve as direct point of contact for yearly security assessments, including cyber and annual pen testing, ensuring all items from assessment findings are completed or addressed.
• Collaborate with VCISO and work with both MSP and MSSP to improve the security of the environment.
• Perform other related duties as assigned.

Requirements

• Experience: At least two (2) years’ experience in similar position is desirable.
• Bachelor’s degree in Information Security or related field.
• Strong knowledge of information security principles, practices, and technologies.
• Experience with risk management and regulatory compliance.
• Excellent problem-solving and analytical skills.
• Strong communication and interpersonal skills.
• Ability to work independently and as part of a team.
• Experience working through BEC or other type of identified compromise.
• Strong verbal and written communication skills.
• Proficiency with Microsoft systems, including Active Directory, Microsoft 365 and Office Suite, Internet Browsers and ticketing systems.
• Ability to lift 50 pounds or more.
• Travel required between office locations.

The above noted job description is not intended to describe, in detail, the multitude of tasks that may be assigned, but rather to give the associate a general sense of the responsibilities and expectations of the position. As the nature of business demands change, so too may the essential functions of this position. 

AMERICANS WITH DISABILITY SPECIFICATIONS 

Physical Demands

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

While performing the duties of this job, the employee is occasionally required to stand; walk; sit; use hands to finger, handle, or feel objects, tools or controls; reach with hands and arms; climb stairs; balance; stoop, kneel, crouch or crawl; talk or hear; taste or smell. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by the job include close vision, distance vision, color vision, peripheral vision, depth perception, and the ability to adjust focus.

Work Environment 

Work environment characteristics described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is not exposed to weather conditions. The noise level in the work environment is usually moderate.