This is an opportunity to work with CorVel's tight-knit, dedicated Information Security and Privacy team to contribute to the protection of corporate digital assets and reduce business risk. This role will partner with various lines of business, system and application engineers, and business experts to research and recommend secure solutions, assess technical designs, categorize systems, select controls, provide security governance, and have a lasting and important impact to the business.

ESSENTIAL FUNCTIONS & RESPONSIBILITIES:

• Foster information security practices and procedures across the organization
• Research, analyze, and formulate recommendations for technologies, products, and solutions to enable business
• Provide technical inputs, system security controls, evaluate and recommend new and emerging security products and technologies
• Work with engineering teams to threat model technical designs and implementation of solutions
• Act as a subject matter expert and partner with other engineers to select appropriate security controls
• Further mature and maintain vulnerability management processes and metrics
• Assist with a variety of risk assessments
• Assist with vendor risk assessments, and provide customer assurance
• Other duties as assigned

KNOWLEDGE & SKILLS:

• Team player eager to contribute, even in areas outside of individual ownership
• Self-starter that sees projects through to completion
• Operates well under stress and in occasional chaotic environments
• Exemplifies humility, open-mindedness, empathy, integrity, and grit
• Committed to lifelong learning and personal development

EDUCATION & EXPERIENCE:

• 3 - 5 years of experience in information security
• Specific experience with two or more of the following areas:
  • Threat modeling
  • Secure system design and development
  • System security assessments
  • Vulnerability management
  • Security risk management
• Experience with FIPS, NIST 800-53/CSF, or other relevant frameworks
• Notable cloud security experience
• Relevant security certification preferred (CC, CompTIA Security+, CISSP, SANS, etc.)
• Outstanding written and spoken communication skills

PAY RANGE:

CorVel uses a market based approach to pay and our salary ranges may vary depending on your location. Pay rates are established taking into account the following factors: federal, state, and local minimum wage requirements, the geographic location differential, job-related skills, experience, qualifications, internal employee equity, and market conditions. Our ranges may be modified at any time.

For leveled roles (I, II, III, Senior, Lead, etc.) new hires may be slotted into a different level, either up or down, based on assessment during interview process taking into consideration experience, qualifications, and overall fit for the role. The level may impact the salary range and these adjustments would be clarified during the offer process.

Pay Range: $87,190 - $134,613

A list of our benefit offerings can be found on our CorVel website: CorVel Careers | Opportunities in Risk Management

In general, our opportunities will be posted for up to 1 year from date of posting, or until we have selected candidate(s) to fulfill the opening, whichever comes first.

A comprehensive benefits package is available for full-time regular employees and includes Medical (HDHP) w/Pharmacy, Dental, Vision, Long Term Disability, Health Savings Account, Flexible Spending Account Options, Life Insurance, Accident Insurance, Critical Illness Insurance, Pre-paid Legal Insurance, Parking and Transit FSA accounts, 401K, ROTH 401K, and paid time off.

#LI-Remote

Equal Opportunity Employer
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.