BITCO Corporation is seeking a Senior IT Security Engineer (Application, Cloud, & Data) to join our home office located in Davenport, IA. This position is open to a hybrid work arrangement, blending flexibility with meaningful in-person collaboration.
Position Summary:
The Senior IT Security Engineer is a unique role that will scale with the company to become a pillar of the growing Cybersecurity team, with a focus on Applications, Cloud, and Data. This role will analyze events from multiple security tools to identify anomalies/incidents and potential information security threats to the organization. The Senior IT Security Engineer will conduct comprehensive and detailed analysis of network and endpoint events, to quickly determine the source and severity, and to advise on the most effective and efficient way to triage the event.
In partnership with our BITCO and ORI Cybersecurity team, they will help identify, correlate, escalate, and respond to security incidents using various security technologies and incident response methodologies. They will act as the lead incident response handler, coordinate the response efforts, and provide recommendations on security policies and controls, tools, and processes to mature our cybersecurity fabric breadth and depth. The Senior IT Security Engineer will provide detailed reports to the Cybersecurity leaders, CIO, and/or other team members about the root cause of an incident and recommended follow-up actions. Additionally, they will develop, enhance, and maintain cybersecurity documentation such as policies, procedures, and guidelines.
Primary Responsibilities:
- Conduct static and dynamic security testing on internal and external applications throughout the development and implementation/delivery lifecycle to ensure production readiness and supportability.
- Collaborate with developers to integrate security throughout the SDLC.
- In partnership with Enterprise Architect, Development and Operations Leaders, review app architecture, code, and security controls for vulnerabilities
- Perform threat modeling and risk assessments for internal and external legacy/modernization applications/platforms.
- Stay updated with the latest security threats, tools, and best practices as they apply to Applications, Cloud engineering, DEVOPS, Integration/API Frameworks, and code scanning.
- Lead the evaluation and risk profiling of vendors, 3rd party partners, etc. in the evaluation of libraries, SDKs, SOC reports, to produce a risk profile for potential security risks.
- Be the evangelist of introducing best practices to guide secure coding practices, code reviews, and conduct regular security awareness sessions.
- Work with incident response teams to investigate and remediate application, cloud, and EDW security issues.
- Working closely with Infrastructure, Application Development, and appropriate 3rd parties to design and secure cloud architectures and develop practical, scalable security controls for new and existing services.
- Establishes and implements appropriate standards and criteria for data security requirements.
- Design, develop, deploy and manage enterprise data security solutions including data loss prevention (DLP), data encryption, cloud data protection, as well as data security governance and compliance
- In-depth understanding of DLP, Data Discovery, Classification, Encryption, Masking, Tagging and Governance
- Conduct risk assessments and vulnerability analyses to identify and mitigate potential data security threats, including third party cyber risk assessment.
- Collaborate with cross-functional teams to design and deploy data protection measures and best practices.
- Implementing and improving end-to-end cloud security controls across AZURE, AWS, FABRIC, DEVOPS, CI/CD pipelines, and self-managed/hosted systems
- Leading and improving our existing vulnerability management workflow for cloud assets, including scanning, triage, prioritization, and remediation with tools like Tenable and native CSP capabilities.
- Managing and optimizing security tooling such as CrowdStrike (EDR/CSPM/IR), cloud-native security services, and SIEM detection rules (with the help of our existing SIEM Management function)
- Performing threat modeling for new cloud technologies and patterns adopted across internal and external Application Development
- Contributing directly to incident response, cloud forensics, and run-time security investigations
- Securing and supporting Infrastructure-as-Code deployments, with ownership over the design and hardening of IaC and CI/CD automation pipeline
- Enhancing cloud logging, alerting, monitoring, and operational visibility across Azure, AWS, and Fabric
- Regularly review data security policies and standards. Provide input and recommendations to address enhancements and adapt to changing regulations and industry best practices.
- Continually assessing cloud security posture and identifying opportunities to reduce risk, harden environments, and adopt best-in-class cloud security practices.
- Ensures platform accessibility, software revisions and best practices are maintained.
- Develop and maintain an understanding of internal and external industry best practices of security practices required to meet corporate and regulatory requirements.
- Performs other duties as necessary
Qualifications:
- Bachelor's degree in computer science, Information Systems, or Business Administration with Technology as a core component preferred.
- Minimum 7 years of experience as an Information Security professional with public companies with a preference toward financial services or insurance industry, including cyber intelligence activities.
- Minimum 3 years of experience working with Cloud environments and SaaS platforms.
- Preference of CCSP, CISSP, CCNP, or GCIA certification or in progress
- Hands-on experience with security tools such as SIEM, EDR, CSPM, Tenable, SNYK, SOAR and vulnerability management platforms
- Familiarity with common security frameworks and regulations (SOC 2, ISO 27001, NIST), and understanding how they apply to cloud environments.
- Strong experience in Infrastructure Operations, DMZ & Networking design, routing, subnetting, and firewall policies.
- Experience in organizations experiencing large modernization changes, legacy/technical debt retirement, and SaaS platform (Duck Creek, Kalepa, SNOW, SFDC, EDW) implementations.
- Familiarity with the following IT Security concepts is preferred:
  - IT security risk and mitigation strategies
  - Security incident response
  - Security frameworks
  - Regulatory guidelines
  - IT security logging and monitoring
  - IT security monitoring tools
  - Controls, best practices, and security protocols
  - Intrusion Detection: SIEM, IDS, and IPS
  - Operating systems, networks, and security fundamentals
  - Network security controls
  - Threat knowledge
- Demonstrated ability to manage multiple priorities and projects
- Critical thinking and problem-solving skills
- Excellent oral and written communication skills
- This position requires 24x7x365 availability to support Security Operations, where necessary
Benefits:
- Competitive salary paired with a comprehensive benefits package
- Generous paid time off, plus 12 paid holidays annually
- Comprehensive health coverage, including medical, dental, and vision plans
- Additional protection through accident, critical illness, and hospital indemnity insurance
- Company-paid life insurance equal to 2× annual salary
- Company-paid short-term and long-term disability coverage
- 401(k) Savings and Profit-Sharing Plan through Old Republic
- Ongoing education, training, and professional development opportunities
- Support for industry certifications and insurance designations, including financial assistance
- Flexible scheduling with a two-hour window for start and end times within a 7.5-hour workday
- Opportunities to give back through corporate philanthropy and community service initiatives
- Optional benefits including travel, commuter, and pet insurance
- Employee wellness support through a dedicated fitness program