What are the responsibilities and job description for the Senior Cyber Security Engineer position at Central Mutual Insurance Company?
Location: Hybrid Work Model- Van Wert, OH, Dublin, OH
We are a team of employees who are passionate to deliver best in class customer service and innovation in the industry. It’s because we put Integrity, Relationships and Excellence in all aspects of our work.
Our employees have the opportunity to fully utilize their talents and bring their best self. We believe that who you are is just as important as what you do!Security and Technology plays a crucial role in our ability to deliver best-in-class insurance products. We are looking for a Senior Cyber Security Engineer to join our IT Security & Compliance team. We are looking for curious people that have a passion for security. You would be play a pivotal lead role in identity solutions we utilize for our employees, agents, and policyholders. Our mission is to produce a constantly optimized cycle of risk identification and mitigation while supporting our critical technology solutions in which identity is a core fundamental component.. We do this through threat modeling, strategic prioritization, and data driven decision making from security analytics.
How You’ll Make an Impact
Develop and coordinate IAM (Identity and Access Management) and PAM (Privileged Access Management) strategies to ensure secure access to systems and data
Design, configure, and manage IAM and PAM solutions including user provisioning, access controls, authentication, and authorizations
Collaborate with other IT teams who will integrate with IAM and PAM solutions including Single Sign On (SSO) federation with existing applications and systems
Develops and executes security controls, defense, and countermeasures to prevent attacks that utilize weakness in user access controls
Maintain and enforce robust password policies, ensuring compliance with best practices and regulatory requirements
Monitor and respond to security events related to authentication triggers including investigation and mitigation of potential threats
Coordinate the user access review and privileged access review process to identify any discrepancies or unauthorized access and remediate those findings in according with regulatory requirements
Performs root cause analysis, conducts threat analysis, determines an action plan to remediate any risks identified, and provides recommendation to remedy issues to Director
Designs and conducts threat modeling and penetration testing for exploitable weaknesses related to identity within Central infrastructure
Provides expertise for data security related to identity concepts in areas such as encryption protocols, DLP solutions, data masking or data anonymization techniques
Leads collaboration and provides advice within identity related initiatives with functional areas within Information Technology as well as key stakeholders throughout the organization in collaboration with IT partners
What You’ll Bring
Bachelor's degree in Computer Science and 4 years of cyber-security experience
Or 6 years of cyber-security experience
Preferred
Creativity and passion for cyber security
Curious mind and strong desire to constantly learn
Proven researcher and experience with staying up to date on cyber security trends
Top notch communication skills and ability to clearly explain security risks and persuade any audience
Ability to weigh risks, calculate the costs on a course of action, and propose the optimal path toward mitigation
Capable of designing and enhancing security KPI metrics to prioritize activities
Expert and wide-ranging knowledge in security concepts within NIST Cyber Security Framework
Adept skill and proven experience in utilizing IAM and PAM solutions
Proven expertise in protecting service accounts and non-human accounts
Expert knowledge with the risk assessment methodology
Expert knowledge of Identity and Access Management concepts
Strong in-depth knowledge of user provisioning and access controls workflows and capable of utilizing KPI metrics to design change and continuously improve
Advanced knowledgeable in cyber risk assessment, cyber risk management, threat modeling and penetration testing concepts
Proven experience with security implementations of encryption, data security, SIEM, file transfer protocols, and cloud services
History of providing sound technical advice during tabletop exercises at the IT or Corporate level
Ability to understand Central Insurance’s policies and processes