Endpoint Security Operations Engineer Senior

Allstate Insurance

Roanoke, VA

Industry: Insurance



Posted 384 days ago


Where good people build rewarding careers.

Think that working in the insurance field can’t be exciting, rewarding and challenging? Think again. You’ll help us reinvent protection and retirement to improve customers’ lives. We’ll help you make an impact with our training and mentoring offerings. Here, you’ll have the opportunity to expand and apply your skills in ways you never thought possible. And you’ll have fun doing it. Join a company of individuals with hopes, plans and passions, all using and developing our talents for good, at work and in life.

Job Description

As an Endpoint Security Operations Engineer, you will be a technical endpoint security generalist for a very diverse enterprise. You will work with a team that is responsible for incident management, change execution, and the maintenance and support of endpoint security technologies in a rapidly changing security sector in a large enterprise.


This role is responsible for ensuring that endpoint security solutions, policies and emerging technology are on track to meet and respond to the ever-present threat to our data and endpoint infrastructure. You will ensure that all technologies are operationally ready and that the endpoint security, SOC and NOC teams are enabled to execute on capabilities as needed to resolve operational issues or business requirements.


You will be responsible for the lifecycle, maintenance and support of our current endpoint security technologies, partner closely with Endpoint Engineering in the deployment of emerging security capabilities, and execute and publish metrics as defined by Endpoint Engineering. A core component of your role will also be incident management, execution of change activities, and development of SOP documentation in concert with Endpoint Engineering. Rotational on-call support will also be required.


You will partner closely with Security Endpoint Engineering to ensure endpoint security capabilities and policies are deployed and maintained successfully. Lifecycle events will be planned and executed in alignment with Endpoint Engineering and Security Architecture.


The Endpoint Security Ops team will have competencies in multiple endpoint security capabilities and escalate to Endpoint Engineering as needed. The ideal Endpoint Security Ops Engineer will be adept at learning new security capabilities, adaptable, willing to take initiative, and a team player. Knowledge sharing is highly encouraged. You will be an Endpoint Operations Security engineer in a very challenging, complex and rewarding organization.

Job Qualifications

• Moderate experience managing policies and software deployment in ePO
• Moderate documentation and analytical skills; documenting processes, policies and standards
• Moderate ability to provide end-to-end support to enterprise counterparts, identifying root cause of complex enterprise initiatives
• Moderate troubleshooting skills across complex enterprise applications, server and endpoint environments
• Moderate ability to onboard, learn and adapt to new technologies
• Moderate experience developing reports for software and version compliance
• Moderate privileged access management/rights management experience, designing solutions based on least privilege (Avecto)
• Moderate knowledge of malware operation and indicators of threat
• Moderate knowledge of current threat landscape (threat actors, APT, cyber-crime, etc)
• Moderate knowledge of Windows operating systems (workstation and server)
• Moderate ability to write rules, policies and exclusions for McAfee/Intel products (HIPS, VSE, etc)
• Moderate knowledge of encryption/cryptography technologies and their implementation
• Moderate to moderate experience engineering, deploying and supporting McAfee/Intel Encryption, Antivirus, DLP and HIPS solutions via McAfee ePO


Recommended Competencies:

• Moderate understanding and hands-on experience with Windows registry, Active Directory and Group Policy
• Moderate ability to mentor and train others
• Moderate experience with scripting (PowerShell, PERL, etc)
• Moderate experience reading and writing documentation for Infrastructure Security implementations
• Moderate customer handling skills along with extensive hands-on skills in defining and creating operational/procedure documents
• Moderate knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, ARP, etc)
• Moderate experience with software lifecycle across a large enterprise; deployment, upgrades, patching
• Basic experience with ITIL processes such as Incident/Problem/Configuration/Change management.
• Basic log parsing and analysis skill set
• Basic knowledge of Firewall and Proxy technologies
• Basic understanding of SANS Critical Security Controls (CSC)
• Basic to Moderate knowledge of penetration techniques
• Basic knowledge of Information Technology forensic techniques
• Basic knowledge of audit requirements (PCI, HIPAA, SOX, etc.)


Recommended Certifications:

Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified Information Systems Auditor (CISA)
Microsoft Certifications (MCSA, MCSD, MCSE)