This role will be a focal point in the engineering of Information Security technology, procedures, and compliance. The role will primarily work with IT and the business as the Information Security technical resource. The position will also interact with external information security partners, vendors, and IT auditors.

WHY Jewelers Mutual: 

We are a financially secure, exceptionally positioned, and intellectually curious company driven by our core values of Agility, Accountability and Relevancy! We continue to raise the tide of the jewelry industry we’ve served since 1913 through our innovative people, our unyielding customer commitment, and evolution of our products and services to be the most trusted advisor to all we serve.

With a generous benefits package, office locations throughout the United States, and a mantra of “making your mark today”, consider evolving your career and shining bright with Jewelers Mutual Group!

Essential Duties and Responsibilities include the following. Other duties may be assigned.

• Develop and maintain secure, resilient enterprise-grade cloud processes in tandem with architects and system engineers.
• Configuration and monitoring security technologies within Azure, AWS, and GCP
• Implementation, configuration, and maintenance of assigned security technologies such as: DLP, SIEM, IAM/PAM, Web Proxies, EDR, Vulnerability Scanners, External Attack Surface Reduction, CSPM, Cloud Security Toolsets (EntraID, AWS Watchguard & Cloudtrail, etc.)
• Be the primary engineering contact with MDR service provider.
• Analyze, troubleshoot, and investigate security-related, information systems’ anomalies based on security platform reporting, network traffic, log files, and host-based and automated security alerts.
• Perform technical audit remediation.
• Assist in security governance of internal/external programming efforts.
• Assist in the development of IT security architecture, controls, processes, standards, policies and procedures that are aligned with the enterprise policies. 
• Ensure readiness for internal/external audits related to IT security and manage external information security partners.
• Lead medium to large projects and initiatives that support information security practices and policies.
• Partake in off-hours support rotation as required.
• Experience with security frameworks such as NIST CSF, CIS, etc.

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Leadership Responsibilities:

None

Qualifications

• Bachelor’s degree from a four-year college or university (preferred)
• 5 (min) years of hands-on, verifiable, technical security experience
• Expert level knowledge of various security tools operating in a cloud environment
  • Azure, EntraID, M365 Defender are primary
  • AWS is secondary
• Strong understanding of SIEM management
  • MS Sentinel preferred
• Strong understanding of enterprise, network, system and application-level security technologies
• Strong Understanding of enterprise cloud computing environments, distributed applications, and cloud network/network security layers.
• Understanding of system hardening processes (CIS), tools, guidelines, and best practices.
• Fundamental or greater understanding of encryption technologies.
• Excellent verbal and written communication skills.
• Ability to manage medium to large information security projects (or initiatives) while maintaining high levels of quality and effectiveness.
• Comfortable with working through ambiguity to clarify requirements and develop effective solutions.
• Demonstrates proficiency in Microsoft Office productivity tools (Word, Excel, PowerPoint, etc.)
• Understanding of Cyber Security and IS practices and principles preferred.
• Strong understanding of common technical, data, and security principles is preferred.

Certificates, Licenses, Registrations

• Certifications: CISSP, CCSP, SSCP, CSSLP, CEH, GSEC, or equivalent preferred

Physical Requirements

• Prolonged periods sitting at a desk and working on a computer.
• Occasionally required to stand; walk; use hands to finger, handle, or touch objects or controls; and talk or hear.