Security Engineer/Sr. Security Engineer

What part will you play? If you’re looking for a place where you can make a meaningful difference, you’ve found it. The work we do at Markel gives people the confidence to move forward and seize opportunities, and you’ll find your fit amongst our global community of optimists and problem-solvers. We’re always pushing each other to go further because we believe that when we realize our potential, we can help others reach theirs. 

Join us and play your part in something special!

The role of the Senior Security Engineer is responsible for designing and implementing the best strategies to protect the internal network from unauthorized access. Senior Security Engineers need to know security analysis and design. This role must understand how to design architecture that protects the company, and work with other security specialists to help mitigate damages during current attacks. Senior Security Engineers are responsible for identifying any hardware or software issues that could be a future vulnerability, and work with managers to help change the architecture. It is critical to understand different hardware and software technologies, and use the Enterprise Security Framework to drive appropriate design and provide recommendations.

Title  

Security Engineer / Senior Security Engineer– Cyber Technology Engineering

Job Summary

A Senior Security Engineer at Markel has a wide range of responsibilities to secure the enterprise environment and reduce enterprise risk.  This role's primary responsibility is to provide operational support, documentation and maintenance of a variety of security tools and infrastructure, with a focus on Microsoft 365 & Cloud Security.  This role will act as a technical resource for policy development, secure architecture, regulatory and industry requirements, enterprise projects and other Markel initiatives. This position is part of the Cyber Technology Engineering team within the Global Security Services (GSS) division of Markel.

Job Responsibilities

• Responsible for secure configuration of cloud-based collaboration and productivity tool suites.
• Oversee changes to the cloud environment and deployment of software to ensure protection.
• Subject matter expert on applying the corporate security framework to cloud application design to support secure implementation.
• Develop appropriate cloud security architecture to be implemented in support of business and security initiatives, and compliance requirements.
• Produce or assist in creation of metrics to report on the state of Cloud Security that is shared with multiple levels of the business.
• Ensure secure processes for authentication, authorization, and encryption with a deep understanding of API integrations conditional access, MFA and zero trust methodology for cloud solutions.
• Responsible for secure configuration of mobile technology solutions, including secure access solutions.
• Create and maintain environments for the Global Security Services team to test security solutions, settings, and designs.
• Create new ways to ensure appropriate levels of security and risk mitigation exists throughout the organization on premise and cloud environments.
• Write and implement automation scripts for a variety of security needs.
• Project support from evaluation to implementation of new and emerging security products and technologies.
• Serve as a technical resource for other departments within the Global Security Services division.
• Provide operational support and maintenance for various security tools to include vulnerability management, endpoint detection and response, SIEM, and other technologies as required. 
• Participate in various run the engine processes such as firewall change approvals, software risk reviews, email security policy modifications, etc.
• Keep current with the latest security policies, news and events surrounding cyber threats and security and apply to experience to protect the network.
• Keep all technical skills up to date and share information learned about data protection to peers.
• Work with Manager to provide guidance, instruction mentoring and leadership to junior team members for purposes of achieving functional goals and objectives.
• Effectively communicate complex security problems and recommended solutions to an audience with varying levels of security and technical knowledge.
• Document and define corporate security policies, standards, and procedures.
• Develop documentation and diagrams to support ongoing security systems operations, maintenance, and problem resolution.
• Interpret and establish recommendations on controls to meet compliance and regulatory requirements for NY State/PCI/GDPR/NIST/etc.
• Other duties as necessary, including but not limited to incident response, change management, system maintenance, etc.

Education

• 5+ years related work experience & industry certification in cyber security.
• Bachelor’s degree in Computer Science or Engineering with a focus on Cyber Security, Digital Forensics or related work experience/certification.

Certification

CISSP, CCSP, CCSK, CompTA Security+ or similar industry approved certifications. Desirable

Work Experience/Skill Set

• Minimum of 5 years’ experience with Azure.
• Minimum of 3 years’ experience focusing on Azure security.
• Minimum of 3 years’ experience in securing collaboration/productivity suites such as O365.
• Strong understanding of cloud concepts, cloud network solutions and concepts,  including experience with products defined in SASE solutions.
• Strong Understanding of secure architecture and design of IaaS, PaaS, and SaaS solutions.
• Strong Microsoft Office knowledge.
• Strong communication, organization, documentation, and presentation skills, Attention to detail and Critical Thinking
• Ability to identify and evaluate risks in the design and operation of systems components and configurations.
• Ability to collaborate with team, vendors, and customers directly on systems security. 
• Ability to work during after-hours and during planned maintenance windows as required.
• High level of motivation, team orientation, professionalism, and trustworthiness.
• Advanced ability to operate well under pressure, multitask, and resolve difficult problems either independently or as a team.
• Ability to comprehend and grasp concepts involving computer intrusion activities, incident response techniques, tools, and procedures.
• Experience creating scripts with preference to experience in PowerShell and Python.
• Experience with IT process, risk, and control frameworks, such as NIST, COBIT and ISO is preferred.
• Thorough knowledge of digital forensics methodology as well as security architecture, system administration, and networking (including TCP/IP, DNS, HTTP, SMTP)
• Understanding of DevOps techniques and technologies such as Azure DevOps, Terraform, or similar, container technologies such as Kubernetes or Docker and secure API concepts, cloud-based identity and access solutions such as Azure AD and the concept of zero trust.
• Fundamental knowledge of Windows and Linux Operating Systems, concepts, terminology, topology, protocols, components, and operations, network security architecture concepts and configurations including firewalls, Web filtering/proxy, intrusion prevention systems, web application firewalls, NGAV, DLP, PAM, Vulnerability Scanning, IAM, Encryption, Email Protection, UBA, SIEM, cloud security, server administration, API integration, and change management practices, etc.
• Fundamental skill in installing, configuring, and troubleshooting security solutions.
• Basic knowledge of virtualization and hypervisor environments, database and data lake systems.

#LI-Hybrid

#deib

#piq

US Work Authorization

• US Work Authorization required. Markel does not provide visa sponsorship for this position, now or in the future.

Who we are: 

Markel Group (NYSE – MKL) a fortune 500 company with over 60 offices in 20+ countries, is a holding company for insurance, reinsurance, specialist advisory and investment operations around the world. 

 

We’re all about people | We win together | We strive for better 

 

We enjoy the everyday | We think further 

 

What’s in it for you: 

In keeping with the values of the Markel Style, we strive to support our employees in living their lives to the fullest at home and at work.  

• We offer competitive benefit programs that help meet our diverse and changing environment as well as support our employees’ needs at all stages of life.  

• All full-time employees have the option to select from multiple health, dental and vision insurance plan options and optional life, disability, and AD&D insurance.  

• We also offer a 401(k) with employer match contributions, an Employee Stock Purchase Plan, PTO, corporate holidays and floating holidays, parental leave.   

 

Are you ready to play your part? 

Choose ‘Apply Now’ to fill out our short application, so that we can find out more about you. 

 

Caution: Employment scams 

Markel is aware of employment-related scams where scammers will impersonate recruiters by sending fake job offers to those actively seeking employment in order to steal personal information. Frequently, the scammer will reach out to individuals who have posted their resume online. These "job offers" include convincing offer letters and frequently ask for confidential personal information. Therefore, for your safety, please note that: 

• All legitimate job postings with Markel will be posted on Markel Careers. No other URL should be trusted for job postings.

• All legitimate communications with Markel recruiters will come from Markel.com email addresses. 

 

We would also ask that you please report any job employment scams related to Markel to rarecruiting@markel.com. 

 

Markel is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of any protected characteristic. This includes race; color; sex; religion; creed; national origin or place of birth; ancestry; age; disability; affectional or sexual orientation; gender expression or identity; genetic information, sickle cell trait, or atypical hereditary cellular or blood trait; refusal to submit to genetic tests or make genetic test results available; medical condition; citizenship status; pregnancy, childbirth, or related medical conditions; marital status, civil union status, domestic partnership status, familial status, or family responsibilities; military or veteran status, including unfavorable discharge from military service; personal appearance, height, or weight; matriculation or political affiliation; expunged juvenile records; arrest and court records where prohibited by applicable law; status as a victim of domestic or sexual violence; public assistance status; order of protection status; status as a smoker or nonsmoker; membership or activity in local commissions; the use or nonuse of lawful products off employer premises during non-work hours; declining to attend meetings or participate in communications about religious or political matters; or any other classification protected by applicable law.  

  

Should you require any accommodation through the application process, please send an e-mail to the rarecruiting@markel.com.    

No agencies please.