Senior Security Engineer

Amerisure creates exceptional value for its partners, policyholders and employees. As a property and casualty insurance company, Amerisure’s promise to our partner agencies and policyholders begins with a comprehensive line of insurance products designed to protect businesses, as well as the health and safety of every employee. Amerisure is an A.M. Best “A” (excellent) rated company and services mid-sized commercial enterprises focused in construction, manufacturing and healthcare. We are ranked as one of the top 100 Property & Casualty companies in the United States, and have nearly $1 Billion of Direct Written Premium ​and $1.15 billion in surplus.

Amerisure is currently recruiting for a Senior Security Engineer that can do a 2-day hybrid approach onsite in our Farmington Hills office. The ideal candidate will also possess the following skill set. 

Summary Statement

The Senior IT Security Engineer takes responsibility of designing, implementing, and maintaining robust security controls to safeguard the organization’s systems and data. This role administers the monitoring of security systems, leads vulnerability management efforts, and drives incident response processes to mitigate threats effectively. The Senior Engineer serves as a key advisor to leadership, providing recommendations on improving security strategies, adopting emerging technologies, and aligning security initiatives with business goals. This role ensures the delivery of innovative, high-quality security solutions while maintaining regulatory compliance.

Essential Tasks/Major Duties

• Configure, implement, and maintain security systems (e.g., firewalls, VPNs, IDS/IPS, endpoint security) with a hands-on approach to ensure the integrity and resilience of the organization’s IT infrastructure.
• Conduct vulnerability assessments and penetration testing (Red, Blue, and Purple Team exercises), actively configuring and fine-tuning security tools to identify and address security gaps.
• Lead incident response efforts and digital forensics investigations, providing support to analyze cyber events and implement practical remediation actions to minimize impact.
• Collaborate with cross-functional teams to enforce security best practices and ensure compliance with industry standards (e.g., ISO 27001, NIST, GDPR, HIPAA), configuring security solutions to meet evolving requirements.
• Mentor and guide security team members, sharing knowledge and expertise in areas such as threat analysis, vulnerability management, cloud security, and cryptography, while fostering a collaborative and learning-driven team culture.

Knowledge, Skills & Abilities

• Bachelor’s degree or equivalent combination of education and experience.
• 5-8 years security engineering experience.
• Expert knowledge of firewalls, VPNs, IDS/IPS systems, network monitoring, and traffic analysis to safeguard organizational infrastructure.
• Proficient in securing Windows, Linux, and macOS environments to mitigate vulnerabilities and enhance system security.
• Strong ability to reduce vulnerabilities and strengthen security on servers and endpoints.
• Deep understanding of common attack vectors and techniques, such as phishing, DDoS, and MITM, with a focus on proactive defense.
• Proficient in vulnerability assessment tools and capable of identifying and mitigating vulnerabilities across systems.
• Experience conducting Red, Blue, and Purple Team exercises to simulate attacks and assess the security posture.
• Working knowledge of digital forensics practices to investigate breaches and analyze security incidents.
• Familiarity with cryptographic protocols such as SSL/TLS, SSH, PKI, and emerging quantum-resistant encryption standards.
• Expertise in managing endpoint security tools, including antivirus, EDR, and endpoint management solutions.
• Proficient in SIEM tools, configuration, and optimization of alerts to monitor and respond to security incidents effectively.
• Experience with role-based access, multi-factor authentication (MFA), SSO, and privilege escalation to manage user access securely.
• Ability to implement complex cloud infrastructure with a focus on security best practices and compliance frameworks.
• Working knowledge of secure SDLC, API security testing, container security, and associated tools in a DevSecOps environment.
• Capable of leading team initiatives using project management and Agile methodologies.
• Strong understanding of security standards such as ISO 27001, NIST, GDPR, HIPAA, and domain-specific frameworks.
• Excellent communication skills to clearly articulate security risks, policies, and remediation strategies to both technical and non-technical stakeholders.
• Ability to mentor and coach peers, fostering a collaborative environment to maximize team potential.
• Required certifications include at least one CISSP, CCSP, GSEC, CEH, CISM, or CRISC, in addition to platform-specific certifications (AWS, Microsoft, Cisco, etc.).

Just as we are committed to creating exceptional value for our Partners For Success® agencies and policyholders, Amerisure also remains committed to being an employer of choice. We reinforce this commitment by adhering to an Employee Value Proposition that, in part, is provided through a competitive total rewards package. Amerisure offers a Compensation & Benefits Package that includes competitive base pay, performance-based incentive pay, comprehensive health & welfare benefits, 401(k) savings plan and profit sharing. In addition to generous paid time off programs, we allow our employees flexible and remote work arrangements.  If you strive for excellence and are committed to personal and professional growth, Amerisure is looking for you.

Amerisure Insurance provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Amerisure Insurance complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. Amerisure Insurance expressly prohibits any form of workplace harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of Amerisure’s employees to perform their job duties may result in discipline up to and including discharge.