Information Security Engineer
Westfield Center, OH, United States
Westfield
Trust Westfield for insurance. Offering innovative and reliable coverage for businesses, home and auto, farms, and more.
Job Summary
As an Information Security Engineer in our Security Operations Center (SOC), you will contribute to the organization's security efforts by actively participating in the monitoring, detection, and response to security threats. This role involves implementing security measures, supporting incident response activities, and collaborating with various teams to ensure a strong security posture. You will have the opportunity to work closely with senior engineers to enhance your skills and apply your knowledge to protect the organization's digital assets.
Job Responsibilities
- Assist in the design, implementation, maintenance, and management of comprehensive information security projects and initiatives within the Security Operations team, ensuring the confidentiality, integrity, and availability of information assets within the insurance company.
- Assist in coordinating and executing incident response activities, including identifying, investigating, and documenting security incidents, following established protocols and collaborating with senior engineers to ensure effective resolution.
- Assist in the delivery, implementation, and maintenance of SIEM and SOAR platforms to improve incident response capabilities and security operations.
- Monitor security events and manage ongoing incident response efforts to ensure efficient threat detection, analysis, and containment.
- Engage with industry forums, security communities, and regulatory bodies to stay informed about emerging security threats and regulations, representing the company's interests and contributing to industry-wide security initiatives.
- Collaborate with IT, network, and development teams to seamlessly integrate security practices across all technological domains of the organization.
- Familiarity with utilizing pre-trained AI models (such as OpenAI models) for security applications, including integrating AI for threat intelligence, automated threat detection and response, and data analytics for processing and analyzing security data. Comfortable with deploying AI solutions within security frameworks and aligning AI tools with cybersecurity strategies while ensuring their ethical use and maintenance in secure environments.
- Actively engage in internal groups such as Technical Advisory Boards (T-CAB), Communities of Practice, and cohorts to advocate for security best practices and drive a culture of security awareness across the organization.
- Contribute innovative ideas to refine security processes and documentation, aligning them with industry best practices to continuously strengthen the organization's security framework.
- Participate in the evaluation and integration of new security solutions and technologies to enhance the organization's defense capabilities.
Job Qualifications
- Minimum 1-3 years of relevant experience in Information Security or Information Technology.
- Bachelor’s degree in Information Security, Computer Science, Information Technology or a related field and/or commensurate experience.
- Good understanding of information security principles and secure event log analysis.
- Familiarity with SIEM (Security Information and Event Management) systems and tools.
- Basic experience in scripting and programming (e.g., Python, PowerShell) is a plus.
- Strong analytical skills and attention to detail.
Preferred Certifications:
Pursuing industry-recognized security certifications, such as:
- ISC(2)
  - CISSP, CCSP, CSSLP, ISSEP, ISSAP, ISSMP
- GIAC (Global Information Assurance Certifications)
  - GCIH, GMON, GSOC, GDSA, GCDA, GISF, GSLC
- ISACA
  - CISM, CRISC, CDPSE, CET, CSX-P
Behavioral Competencies
- Certified Information Systems Security Professional
- Collaborates
- Customer focus
- Communicates effectively
- Decision quality
- Nimble learning
Technical Skills
- Security Engineering
- Firewall Management
- Threat Intelligence
- Network Security
- Incident Response
- Security Monitoring
- Vulnerability Management
- Identity Management
- Encryption Techniques
- Security Assessments
- Information Security
This job description describes the general nature and level of work performed in this role. It is not intended to be an exhaustive list of all duties, skills, responsibilities, knowledge, etc. These may be subject to change and additional functions may be assigned as needed by management.
Perks/benefits: Team events