Security Engineer

Are you looking for your next opportunity?

Sompo has a unique opportunity for a Security Engineer in our Information Security team.

Location: This position will be based out of one of our US locations preferably the NYC / Purchase, NY / Garden City, NY / Morristown, NJ / Boston, MA / Conshohocken, PA or Charlotte, NC office. We strive for collaboration which is why we offer a work environment where our employees thrive and develop long lasting careers.

Our Business, Your Impact, Our Opportunity

What you’ll be doing:

• Develop and implement application-focused security controls during all phases of Sompo’s Secure Software Development Lifecycle and production operations.
• Collaborate, as needed, with development teams to enhance their secure coding practices, application design patterns, and technology selection.
• Maintain a strong familiarity with:
• Sompo’s full stack of security technologies and common application architectures
  
  

regulatory requirements for security and privacy technologies.

• The various Sompo teams who are non-technical subject matter experts on those regulations.
• Industry-standard approaches for aligning development, operations, and security.
• Be responsible for continuously improving our suite of troubleshooting documents, SOPs, and support tools so that the IT support teams can self-resolve/diagnose application-level issues related to security incidents and/or controls.
• Application security review (development lifecycle, technology selection)
• Application security testing and instrumentation (production operations)
• Support of security tooling and automation
  
  

What You’ll Bring

• Minimum of 5 years of experience in information security.
• Systematic thinking – the ability to take a complex sequence of events and isolate the critical/relevant stages.
• Excellent interpersonal skills – the ability to engage with both end users and IT colleagues to understand a problem and determine fact patterns, measurable requirements, and success criteria.
• Strong understanding of:
• HTTP, HTML, REST, SOAP, JSON, XML, YAML, and other data formats, web authentication patterns, especially SAML and OAuth, TLS/X509, and cookies, DNS, TCP/IP, and related tools (e.g., interpreting packet captures), Encryption at rest and in flight.
• Development and direct work experience with:
• Languages for automation, especially Python and Powershell, Query tools.
• Excel for ad-hoc analysis. Must be comfortable aggregating disparate sets of logs and other data for unified analysis.
• Packet captures for low level network troubleshooting
• Application development building blocks, Web application security components
• Native security controls in the Microsoft stack (OS, Office, Edge)
• Ability to write ad hoc queries using one or more of the following:
• Splunk, Powershell, Regular expressions, SQL, XPATH
• Ability to write practical audience-relevant documentation related to troubleshooting.
• B.S. in Computer Science or Software Engineering
  

Salary Range: $115,000 – $165,000 Actual compensation for this role will depend on several factors including the cost of living associated with your work location, your qualifications, skills, competencies, and relevant experience.

At Sompo, we recognize that the talent, skills, and commitment of our employees drive our success. This is why we offer competitive, high-quality compensation and benefit programs to eligible employees.

Our compensation program is built on a foundation that promotes a pay-for-performance culture, resulting in higher incentive awards, on average, when the Company does well and lower incentive awards when the Company underperforms. The total compensation opportunity for all regular, full-time employees is a combination of base salary and incentives that gets adjusted upfront based on overall Company performance with final awards based on individual performance.

Summary

We continuously evaluate and update our benefit programs to ensure that our plans remain competitive and meet the needs of our employees and their dependents. Below is a summary of our current comprehensive U.S. benefit programs:

• Two medical plans to choose from, including a Traditional PPO & a Consumer Driven Health Plan with a Health Savings account providing a competitive employer contribution
• Pharmacy benefits with mail order options
• Dental benefits including orthodontia benefits for adults and children
• Vision benefits
• Health Care & Dependent Care Flexible Spending Accounts
• Company-paid Life & AD&D benefits, including the option to purchase Supplemental life coverage for employee, spouse & children
• Company-paid Disability benefits with very competitive salary continuation payments
• 401(k) Retirement Savings Plan with competitive employer contributions
• Competitive paid-time-off programs, including company-paid holidays
• Competitive Parental Leave Benefits & Adoption Assistance program
• Employee Assistance Program
• Tax-Free Commuter Benefit
• Tuition Reimbursement & Professional Qualification benefits
  
  

In today’s world, what do we stand for?

Ethics and integrity are the foundation of delivering on our commitment to you. We believe that core values drive success, and that when relationships are held in the highest regard, there is nothing that cannot be accomplished. At Sompo, our ring is more than a logo, it is a symbol of our promise. Click here to learn more about life at Sompo.

Sompo is an equal opportunity employer and we intentionally value inclusion and diversity. Above all, we want you to work in an environment that respects everyone’s unique contributions – we are passionately committed to equal opportunities. We do not discriminate based on race, color, religion, sex orientation, national origin, or age.