An insurance company is looking for an IT Security Engineer to join their team in White Plains, NY. This role requires 3 days/week onsite.
Compensation: $80K-110K
Responsibilities:
Cloud competency in securing technologies such as AWS, Azure, etc.
Provide guidance to teammates and business units by advising on security and configuration best-practices, defense-in-depth, and secure SDLC
Responsible for governance and oversight of the third party risk management program and responsible for assessing the effectiveness of the controls in place to identify, monitor, and manage third party risk throughout the third party's lifecycle
Plan, identify and deliver security training courses & communications to company employees
Act as a Subject Matter Expert for Information Security and recommend best practices as needed
Assess existing platform and application hardening guidelines against industry standards
Identify and access risk findings within the environment with respect to risk definition and development of associated remediation plans
Provide support for ID Governance initiatives e.g. Access Recertification, user provisioning/deprovisioning etc. technologies and related processes
Provide support for Web filtering, Encryption, Data Leakage Prevention tools and related processes
Perform threats and vulnerability assessments and provide subject matter expertise on appropriate threat mitigation and patch management processes
Assist with the development and implementation of global security policy, standards, procedures and work instructions to ensure ongoing maintenance of security
Perform incident response planning as well as the investigation of security breaches, and assist with such breaches as necessary
Oversee execution of approved information security project plans and provide regular status reporting on progress of such projects
Develop and generate appropriate metrics (key risk and performance indicators) to measure the IS program and related processes
Assist with and provide response and remediation plans to internal and external Audit findings
Perform mandatory periodic review of security controls logs/activity
Coordinate reporting from internal systems & external monitoring services
Drive resolution of security alerts or incidents
Assist CISO in technical implementation of company security policy