Cyber Security Engineer

We’re thrilled that you are interested in joining us here at the Amynta Group!

Amynta is a premier insurance services company with more than $3.5 billion in managed premium and 2,000 associates across North America, Europe and Australia. Amynta specializes in Property, Casualty and Specialty insurance as well as Warranty and Protection. An independent, customer centered and underwriting focused company, Amynta serves leading carriers, wholesalers, retail agencies, auto dealers, original equipment manufacturers, and consumer product retailers with innovative insurance and warranty protection solutions.

Under the guidance of Information Security (IS) leadership, the Cyber Security Engineer is responsible for planning, developing, implementing and maintaining security programs, policies, and procedures that address risk and security requirements for the company.

ESSENTIAL TASKS

• Provide leadership, direction, and guidance in assessing, evaluating, and monitoring information security risks.

• Monitor computer networks and systems for threats and security breaches.

• Monitor incoming emails for potential threats, including adjusting security email settings and investigating phishing threats.

• Install, configure, and update security software and firewalls.

• Test systems for potential vulnerabilities.

• Develop systems and processes for security best practices throughout the company. Prepare reports on security incidents and log responses to maintain compliance with security standards and appropriate policies.

• Assist IS leadership with creating the framework for information security governance and compliance.

• Assist the IS leadership in the development of the budget, short and long‐range goals, and objectives, as required. Develop and maintain security policies and procedures; propose changes to existing policies and procedures to ensure operating efficiency and compliance.

• Assess, evaluate, and make recommendations to IS leadership regarding the adequacy of the security controls. Monitor and report on violations of computer security procedures; discuss enforcement procedures with IS leadership to ensure violations are not repeated.

• Monitor, maintain, and update virus protection software. 

• Maintain Internet security software. 

• Monitor Internet usage and network activity.

• Train users and promote security awareness to ensure system and data security. Research, evaluate, design, test, recommend or plan the implementation of new or updated information security hardware or software; analyze its impact on the existing environment; provide technical and managerial expertise for the administration of security tools.

• Consult with appropriate IT and business functions to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications, and software.

• Coordinate and maintain software licensing agreements for security tools.

• Keep abreast of information security issues and regulatory changes. Engage in professional development to maintain continual growth in professional skills and knowledge essential to the position.

• Perform other duties as assigned.

KNOWLEDGE, SKILLS AND ABILITIES

• Thorough knowledge of computer software and networks; demonstrates an understanding of the job tasks and demonstrates excellent communication and human relations skills.  

• Skilled in performing risk assessments, defining solutions, and analyzing security requirements to develop appropriate controls.

• Experience in performing audits to assess and evaluate the adequacy of implemented security policies and controls. Experience in responding to security questionnaires from business partners, regulatory bodies, and other external parties to attest to the organization’s security policies and controls in place.

• In-depth knowledge of network protocols, operating systems, and common security vulnerabilities Hands-on experience configuring security tools and software (e.g. O365, NGFW, Internet Security/Web Filtering, End Points, DLP) and actioning alerts.

• Knowledge and experience with cloud security. Ability to work independently and prioritize tasks in a fast-paced environment, while maintaining attention to detail and meeting deadlines.

EDUCATION AND EXPERIENCE

• Bachelor's degree in information systems or equivalent with a minimum of 3 years of experience in computer-related security required. M.B.A. or M.S. in Information Security is preferred.

• Documented successful completion of a computer security course.

• Considerable experience in computer operations and computer security in the financial/insurance industry preferred. 

• A comparable amount of training and experience may be substituted for the minimum qualifications. 

• A broad understanding of security technologies including firewalls, proxies, SIEM, antivirus software, and IDPs. The ability to identify and spotlight vulnerabilities on on-premises remote networks, correct problems, and prevent security breaches.

• Responsibility and conscientiousness, including proper management of patches to defray business impact while keeping security protocols up to date.

SPECIAL REQUIREMENTS

Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) preferred. 

The Amynta Group (the “Company”) is committed to a policy of Equal Employment Opportunity and will not discriminate against an applicant or employee on the basis of any ground of discrimination protected by applicable human rights legislation. The information collected is solely used to determine suitability for employment, verify identity and maintain employment statistics on applicants.

Applicants with disabilities may be entitled to reasonable accommodation throughout the recruitment process in accordance with applicable human rights and accessibility legislation. A reasonable accommodation is an adjustment to processes, procedures, methods of conveying information and/or the physical environment, which may include the provision of additional support, in order to remove barriers a candidate may face during recruitment such that each candidate has an equal employment opportunity. The Company will accommodate a candidate to the point of undue hardship. Please inform the Company's personnel representative if you require any accommodation in the application process.