Cyber Security Engineer

<strong>AF Group (Lansing, Mich.) and its subsidiaries are a premier provider of innovative insurance solutions. Insurance policies may be issued by any of the following companies within AF Group: Accident Fund Insurance Company of America, Accident Fund National Insurance Company, Accident Fund General Insurance Company, United Wisconsin Insurance Company, Third Coast Insurance Company, or CompWest Insurance Company.</strong>

United States, USA

AF Group

<p class="p1"><strong>AF Group&rsquo;s focused and passionate team uses industry-leading best practices, analytics and resources to manage risk and minimize loss for our policyholders while strengthening businesses with our valued independent agent partners.</strong></p> <p class="p1"><strong>We strive to continuously increase the long-term value of our organization by outperforming our industry peers and fostering a culture of underwriting and claims excellence.</strong></p> https://www.afgroup.com/

keywords: summary,job description,work environment,technical,solutions,security,teamwork,policies,experience,education,proficiency,initiative,skills

Non-Manager

Competitive Compensation and Benefits Package

Overview: <br />Research, implement and manage tools used for proactive monitoring of security threats. Manage incident response, conduct internal reviews on a periodic basis to measure compliance with policy, and assist in external audits and assessments. Develop culture of security and conduct an ongoing security awareness program. Assist in establishing company information security program. Active participation in all projects for security requirements to ensure that all projects incorporates security requirements. Ensures that technology risks are identified and managed according to the risk culture of the enterprise and advises management about risks to the business due to the implementation of technology used to operate the business. S/he will also perform compliance activities to ensure the successful implementation of the program and consult with technical and business teams regarding their changing business and technical plans to ensure that information security issues are addressed early in a project's lifecycle.<br /><br /><br /> <p><strong>WORKING CONDITIONS:</strong></p> <p>Work is performed in an office setting (or remote office setting) with no unusual hazards. Some travel is required.</p>
Responsibilities: <br /> <ul> <li>Assists in the configuration and installation of security infrastructure including but not limited to firewalls, VPN, IDS/IPS, Anti-Malware, and web/mail Filtering solutions.</li> <li>Investigate intrusion incidents, conduct forensic investigations, and mount incident responses.</li> <li>Implement and upgrade security measures and controls.</li> <li>Perform vulnerability testing, risk analyses, and security assessments.</li> <li>Recommend and install appropriate tools and countermeasures.</li> <li>Create new ways to solve existing production security issues.</li> <li>Collaborate with colleagues on authentication, authorization, and encryption solutions.</li> <li>Evaluate new technologies and processes that enhance security capabilities.</li> <li>Participate in evaluating new hardware and software technologies and provide an assessment of the risks/vulnerabilities and recommend mitigation strategies.</li> <li>Test security solutions using industry-standard analysis criteria.</li> <li>Implement strategies to improve the reliability and security of IT projects.</li> <li>Defend systems against unauthorized access, modification, and/or destruction.</li> <li>Assisting in the development and maintenance of the Company information security program, including policies, standards, and guidelines to protect information against unauthorized modification or loss.</li> <li>Act as a liaison on security matters between Internal Audit and IT, reviewing all audit reports and responses to ensure timeliness and effectiveness of corrective actions.</li> <li>Contribute to the evolution of the risk analysis and IT workflow processes.</li> <li>Provide management with regularly scheduled "State of the Information Security Program" reports.&nbsp;</li> <li>Advise management of changes in the technical, legal, and regulatory arenas affecting information security and computer crime.</li> <li>Develop and foster relationships with both business and technology customers and maintain strong relationships with technical teams.&nbsp;</li> </ul>
Requirements: <br /> <p><strong>EDUCATION OR EQUIVALENT EXPERIENCE:</strong>&nbsp;&nbsp;</p> <ul> <li>Bachelor&rsquo;s degree in computer science or related field required.</li> <li>Combinations of relevant education and experience may be considered in lieu of a degree.&nbsp;</li> <li>Continuous learning, as defined by the Company&rsquo;s learning philosophy, is required.</li> <li>Certification or progress toward certification is highly preferred and encouraged.</li> </ul> <br /> <p><strong>EXPERIENCE:</strong>&nbsp;</p> <p><strong>Systems Security Engineer:</strong></p> <ul> <li>5 years of progressively more responsible experience in IT, information security, multiple computing environments, information security applications, or related environment with demonstrated technical knowledge which provides the necessary skills, knowledge, and abilities.</li> <li>Certifications in GIAC, CISSP, SSCP, CISM, CEH, CISA, or Security+ preferred.</li> </ul> <br /> <p><strong>SKILLS/KNOWLEDGE/ABILITIES (SKA) REQUIRED:</strong></p> <ul> <li>Ability to research security utilizing various resources.</li> <li>Thorough knowledge of the Internet as an information resource and related networking and security technologies.</li> <li>Thorough knowledge of OSI layers 1-4</li> <li>Knowledge and experience with Palo Alto Next-Generation Firewalls</li> <li>Hands-on experience in multiple security areas such as: Intrusion Detection Prevention, Enterprise Anti-Virus, Identity and Access Management, Threat Management, and Vulnerability Management.</li> <li>Excellent oral and written communication skills.</li> <li>Ability to effectively present budgetary and/or cost information, and respond to questions as appropriate.</li> <li>Ability to establish workflows, manages multiple projects, and meet necessary deadlines.</li> <li>Works with minimum supervision and exercises sufficient discretion and independent judgment.</li> <li>Demonstrated leadership abilities.</li> <li>Ability to effectively exchange information clearly and concisely, and present ideas, reports facts and other information, and respond to questions as appropriate.</li> <li>Ability to prepare necessary reports, spreadsheet development, and cost analysis.</li> <li>Ability to maintain confidentiality.</li> <li>Ability to work varying hours, including evenings, weekends, and holidays as required.</li> <li>Ability to perform other assignments at locations outside the office.</li> <li>Ability and proficiency in the use of computers and company standard software specific to position.</li> </ul>