Security Engineer

Company Description

• Who We Are:

Spring Venture Group is a leading digital direct-to-consumer sales and marketing company with product offerings focused on the senior market. We specialize in distributing Medicare Supplement, Medicare Advantage, and related products via our family of brands and dedicated team of licensed insurance agents. Powered by our unique technologies that combine sophisticated marketing, comparison shopping, sales execution, and customer engagement – we help thousands of seniors across the country navigate the complex world of Medicare every day.

Job Description

Job Summary:

The Security Engineer plays a crucial role in protecting Spring Venture Group's information assets and ensuring the integrity of our systems. This position requires a proactive and collaborative individual with a strong understanding of security principles and technologies. The ideal candidate will have 3-5 years of experience in IT or security, with a focus on SIEM, EDR, cloud security platforms, incident response, orchestration and automation, and vulnerability management. To be successful in this role, a candidate needs to be a team player who can effectively collaborate across IT teams and possess strong written and verbal communication skills.

Responsibilities:

SIEM Management: 

• Monitor and analyze security events and logs from various sources using SIEM tools.
• Develop and maintain SIEM rules, alerts, and dashboards.
• Investigate and respond to security incidents identified by the SIEM.

EDR Management: 

• Deploy, configure, and manage the organization's Endpoint Detection and Response (EDR) solution.
• Analyze EDR alerts and investigate potential security incidents.
• Develop and implement EDR rules and policies.
• Respond to and contain endpoint threats.

Cloud Security Platform Administration: 

• Configure and maintain cloud security platforms.
• Monitor and analyze cloud application usage and security events.
• Implement and enforce cloud security policies.

Incident Response: 

• Participate in incident response activities, including investigation, containment, and remediation.
• Document incident response procedures and findings.
• Contribute to the development and improvement of incident response plans.

Orchestration and Automation: 

• Develop and implement security automation scripts and workflows.
• Integrate security tools and systems for streamlined operations.
• Utilize orchestration tools to automate incident response and security tasks.

Vulnerability Management: 

• Conduct vulnerability scans and assessments.
• Analyze vulnerability reports and prioritize remediation efforts.
• Coordinate with IT teams to patch and remediate vulnerabilities.
• Maintain and improve the vulnerability management program.

Collaboration and Communication:

• Collaborate with IT teams to implement security controls and address security issues.
• Participate in technology support groups
• Provide security guidance and support to other departments.
• Document security procedures and maintain accurate records.
• Communicate security issues and recommendations effectively to both technical and non-technical audiences.

And all other duties as assigned. 

Qualifications

Qualifications:

• 3-5 years of experience in IT or security.
• Proven experience with SIEM tools (e.g., Splunk, Sentinel).
• Experience managing an EDR solution.
• Experience with cloud security platforms (e.g. Netskope).
• Strong understanding of incident response principles and methodologies.
• Experience with security orchestration and automation tools and scripting languages (e.g., Python, PowerShell).
• Knowledge of vulnerability management processes and tools.
• Strong understanding of networking and security protocols.
• Excellent problem-solving and analytical skills.
• Ability to work independently and as part of a team.
• Strong written and verbal communication skills.   
• Relevant security certifications (e.g., Security+, CEH, CISSP) are a plus.

Desired Skills:

• Experience with cloud security (AWS, Azure, GCP).
• Knowledge of compliance frameworks (e.g., NIST, ISO 27001).
• Experience conducting threat hunting, penetration testing, or purple team exercises.
• Experience in a regulated industry.

Personal Attributes:

• Team player with a collaborative mindset.
• Proactive and detail-oriented.
• Ability to adapt to a fast-paced environment.
• Strong work ethic and commitment to continuous learning. 

BEHAVIORS 

The SVG behaviors are listed below: 

• Be Aware (Emotional Intelligence)
• Be Open & Honest (Communication)
• Be a Team Player (Teamwork and Collaboration) 
• Be Accomplished (Drive for Results)
• Be the Example (Develop Self & Empower People)
• Be Forward Thinking (Strategic Thinking)
• Be a Problem Solver (Continuous Improvement)

Additional Information

Benefits:

The Company offers the following benefits for this position, subject to applicable eligibility requirements:

• Competitive Compensation
• Medical, Dental and vision benefits after a short waiting period
• 401(k) matching program
• Life Insurance, and Short-term and Long-term Disability Insurance
• Optional enrollment includes HSA/FSA, AD&D, Spousal/Dependent Life Insurance, Travel Assist and Legal Plan
• Generous paid time off (PTO) program starting off at 15 days your first year
• 15 paid Holidays (includes holiday break between Christmas and New Years)
• 10 days of Paid Parental Leave and 5 days of Paid Birth Recovery Leave
• Annual Volunteer Time Off (VTO) and a donation matching program
• Employee Assistance Program (EAP) - health and well-being on and off the job
• Rewards and Recognition
• Diverse, inclusive and welcoming culture
• Training program and ongoing support throughout your Venture Spring Venture Group career  

Security Responsibilities:

• Operating in alignment with policies and standards
• Reporting Security Incidents Completing assigned training
• Protecting assigned organizational assets

Spring Venture Group is an Equal Opportunity Employer