You will be responsible for building, maintaining, and improving the organization’s preventative, detective and response capabilities. This Engineer will collaborate within the Information Security team and across partner business units to improve our cybersecurity posture. You will serve as an assistant technical architect and systems integrator for large complex systems or networks, with a focus on securing vulnerabilities and
reducing risk of system and/or asset compromises.
IN THIS ROLE, YOU WILL:
- Build, integrate, and support information security solutions supporting executive strategies and ensuring the security of the information The Hanover is entrusted to protect.
- Contribute to organizational initiatives within assigned area(s) of responsibility.
- Collaborate with networking team, architects, developers, and others to ensure security.
- Directly engage in troubleshooting and delivery with stakeholders, including end-users.
- Provide information security engineering support across the organization –including off-hours support and on-call rotations as appropriate.
- Apply best practices for security logging and alerting to prevent and detect security incidents.
- Monitor and provide assurance of the overall health and effectiveness of prevention, detection, and response capabilities
- Operate and ensure integrity of certificate management
- Provide subject matter expertise for alerting and analyzing security events within the Security Operations Center to prevent and address security incidents
- Collaborate with cybersecurity engineering and cyber threat intelligence teams to implement and tune security tools used by InfoSec operations
- Enforce Technology Lifecycle Management for assigned technologies
- Respond to metrics for incremental improvements in control design
- Hands-on experience and support in at least 2 areas of security technology controls: application, network, system and data security technology controls
- Support strict change regimen (Impacts of doing it/not doing it, Enumerated plan and backout, different eyes on checkout, reasonable windows, conflicts)
- Technology Accountability for engineering of security controls that are resilient, measured, documented, maintained, tuned and well understood by operations.
- Communicate technical clarity & succinctness backed up by facts
WHAT YOU NEED TO APPLY
- 4 year/Bachelor's degree or equivalent work experience (4 years of experience in lieu of Bachelor's) (Minimum Required)
- 3+ years of IT Security experience, in areas such as security operations, incident analysis, incident handling, and vulnerability management or testing, log analysis, intrusion detection that directly relates to the responsibilities of this position. (required)
- Hands-on experience with a variety of cybersecurity tools
- Hands-on experience with SSL certificate management software and SSL certificate administration
- Hands-on experience in a Windows / Linux environment
- Hands-on experience with endpoint encryption, endpoint protection, anti-virus, security monitoring agents, vulnerability scanning, content analysis and filtering, data loss prevention.
- Demonstrated experience with scripting languages such as PowerShell, Perl, and Python
- Must have excellent trouble-shooting and problem-solving skills
- Demonstrated understanding of Security
- Fundamentals, General IT knowledge, Network Systems, Firewalls, IDS/IPS Systems, Windows & Linux Systems Administration, Windows/Linux and MAC operating systems, Desktop Engineering, Cloud Technologies, Databases, and Software Development
- Security certifications such as CISSP, CISM, CompTIA's Security+, CEH required or to be obtained within 18 months.