Senior Cyber Security Engineer

Location: Hybrid Work Model- Van Wert, OH, Dublin, OH

We are a team of employees who are passionate to deliver best in class customer service and innovation in the industry. It’s because we put Integrity, Relationships and Excellence in all aspects of our work.

Our employees have the opportunity to fully utilize their talents and bring their best self.  We believe that who you are is just as important as what you do!

Security and Technology plays a crucial role in our ability to deliver best-in-class insurance products. We are looking for a Senior Cyber Security Engineer to join our IT Security & Compliance team. We are looking for curious people that have a passion for security. You would be play a pivotal lead role in identity solutions we utilize for our employees, agents, and policyholders.  Our mission is to produce a constantly optimized cycle of risk identification and mitigation while supporting our critical technology solutions in which identity is a core fundamental component.. We do this through threat modeling, strategic prioritization, and data driven decision making from security analytics.

How You’ll Make an Impact

• Develop and coordinate IAM (Identity and Access Management) and PAM (Privileged Access Management) strategies to ensure secure access to systems and data
• Design, configure, and manage IAM and PAM solutions including user provisioning, access controls, authentication, and authorizations
• Collaborate with other IT teams who will integrate with IAM and PAM solutions including Single Sign On (SSO) federation with existing applications and systems
• Develops and executes security controls, defense, and countermeasures to prevent attacks that utilize weakness in user access controls
• Maintain and enforce robust password policies, ensuring compliance with best practices and regulatory requirements
• Monitor and respond to security events related to authentication triggers including investigation and mitigation of potential threats
• Coordinate the user access review and privileged access review process to identify any discrepancies or unauthorized access and remediate those findings in according with regulatory requirements
• Performs root cause analysis, conducts threat analysis, determines an action plan to remediate any risks identified, and provides recommendation to remedy issues to Director
• Designs and conducts threat modeling and penetration testing for exploitable weaknesses related to identity within Central infrastructure
• Provides expertise for data security related to identity concepts in areas such as encryption protocols, DLP solutions, data masking or data anonymization techniques
• Leads collaboration and provides advice within identity related initiatives with functional areas within Information Technology as well as key stakeholders throughout the organization in collaboration with IT partners

What You’ll Bring

• Bachelor's degree in Computer Science and 4 years of cyber-security experience
• Or 6 years of cyber-security experience

Preferred

• Creativity and passion for cyber security
• Curious mind and strong desire to constantly learn
• Proven researcher and experience with staying up to date on cyber security trends
• Top notch communication skills and ability to clearly explain security risks and persuade any audience
• Ability to weigh risks, calculate the costs on a course of action, and propose the optimal path toward mitigation
• Capable of designing and enhancing security KPI metrics to prioritize activities
• Expert and wide-ranging knowledge in security concepts within NIST Cyber Security Framework
• Adept skill and proven experience in utilizing IAM and PAM solutions
• Proven expertise in protecting service accounts and non-human accounts
• Expert knowledge with the risk assessment methodology
• Expert knowledge of Identity and Access Management concepts
• Strong in-depth knowledge of user provisioning and access controls workflows and capable of utilizing KPI metrics to design change and continuously improve
• Advanced knowledgeable in cyber risk assessment, cyber risk management, threat modeling and penetration testing concepts
• Proven experience with security implementations of encryption, data security, SIEM, file transfer protocols, and cloud services
• History of providing sound technical advice during tabletop exercises at the IT or Corporate level
• Ability to understand Central Insurance’s policies and processes