What are the responsibilities and job description for the Security Engineer position at ARAG North America?
Purpose
Do you have a passion for data security? Are you curious by nature? Do you have a talent for analyzing patterns? Do you have experience with security best practices? Are you service-minded and collaborative?
ARAG is hiring a security engineer! This person will collaborate with ARAG business units to ensure ARAG’s technology, network and data are secure. An analytical mindset and a background in technology with expertise in networking, data, and IT security administration are required.
Essential Duties and Responsibilities
- Ensure compliance with Information Security Program, including (but not limited to):
- Manage and optimize access review processes and technology to assure a consistent and comprehensive view into team member access to data and systems.
- Perform penetration testing annually; prepare detailed reports on findings and recommend remediation strategies.
- Manage and/or refine the rules, queries and filters that will collect security information and events of interest in the SIEM, including data from firewalls, servers, endpoints, and other security devices.
- Conduct daily monitoring of the SIEM and other alerting tools for any intrusive attempts or unusual traffic patterns; ultimately capture and manage potential attacks on corporate resources from both internal and external threats. Document any configuration changes according to change management policy.
- Research, obtain, deploy and manage Palo Alto Firewalls running in pass-through mode. Work in collaboration with the infrastructure team to maximize interception and logging of traffic.
- Partner with the TIG team to understand various application and infrastructure technologies to mitigate any security risks or gaps.
- Collaborate in OWASP penetration testing to identify any vulnerabilities in an application’s design and code.
- Provide results and mitigations needed as a result of monthly external scans.
- Partner with the IT Operations team to understand infrastructure designs and review outcomes of all scans, SIEM outcomes and best practices. Identify, prioritize, and determine remediation priorities with leader according to impact on the information systems and their data.
- Partner with Culture & People to educate all team members on Corporate and IT Security Policies.
- Consult and gather forensics on Incident Response investigations, per the established procedures and policies.
- Support in managing questionnaires and serve as the first line of assistance as the SME and/or provide back-up in facilitating completion when needed.
- Stay abreast of regulations and legislation (GLB, SOX, etc.) that deal with IT Security and take proactive action to keep the company in compliance.
- Conduct security reviews of 3rd and 4th parties in support of the Risk team and/or integration of the business with new partners.
- Serve as an active participant and leading SME on all IT security related audits.
- Serve as an active participant on Disaster Recovery events related to cybersecurity.
- Serve as a representative of the ARAG culture and security expertise in client-facing meetings as occasionally needed.
- Conduct additional monitoring in the following areas:
- Firewall access; works with Network Engineer to maintain security standards.
- Proper use of Internet and third-party access to corporate applications and data.
- Enforces use of anti-virus, anti-spam, and encryption software.
- Corporate compliance with PCI standards.
- Procedures for granting access to data and network.
- New technologies and related topics through active participation in educational opportunities, technical, and business opportunities.
- Serve as a positive role model by representing ARAG at its Best.
- Other duties as assigned.
Qualifications
Knowledge
- Working knowledge of legislation and regulations involving security and access of corporate assets.
- Solid understanding of the technologies and applications used by the company, including but not limited to Microsoft Active Directory, Cisco firewalls, Azure, switches, and routers.
Skills
- Background in technology, with an expertise in at least two of the following: networking, data, IT auditing or security administration.
- Strong problem-solving and analytical skills to gather and analyze data, identify and interpret trends, create solutions to complex challenges, and make data-driven decisions.
- Interpersonal skills to collaborate, educate and gain buy-in across multiple functions and levels of the organization.
- Highly organized with ability to effectively self-manage workload across multiple project teams, prioritizing based on highest impact work.
- Ability to effectively operate and remain positive in a fast-paced, ever-changing environment.
- Strong written and verbal communication skills with the ability to clearly articulate and present complex concepts to varying audiences.
- Availability to work during off-peak hours when necessary to ensure smooth operations during office hours, or to deal with immediate issues and security risks.
- Strong computer skills in a Microsoft Windows environment. Must include knowledge of Word, Excel, PowerPoint.
Education
- Four-year college-level education, preferably in Computer Science, Cybersecurity, or Management of Information Systems, or an equivalent combination of education, experience and formal training in IT security, auditing or a related field.
Experience
- Minimum of 6 years of related IT experience; 2 years of IT Security experience.
Certifications, Licenses, Associations, etc.
- Professional Cybersecurity certification (SSCP, CISSP, CISM, or other recognized security certifications) required or willing to attain within one year of employment.
Physical
- Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.