Information Technology Security Engineer (Job ID 13385)

  • The Hanover Insurance Company
  • Remote (Worcester, MA, USA)
  • Oct 15, 2020
Full time Insurance

Job Description

For more than 160 years, The Hanover has been committed to delivering on our promises and being there when it matters the most. We live our values every day, demonstrating we CARE.

Our Information Technology Engineering team is currently seeking an Information Technology Security Engineer in our Worcester, MA or a fully remote, work from home location.  This is a full time, exempt role.

POSITION OVERVIEW:

The Information Technology Security Engineer will provide subject matter expertise and guidance on complex projects/initiatives. They will be responsible for building, maintaining, and improving the organization’s preventative, detective and response capabilities. This Engineer will collaborate within the Information Security team and across partner business units to improve our cybersecurity posture.

Serves as an assistant technical architect and systems integrator for large complex systems or networks, with a focus on securing vulnerabilities and reducing risk of system and/or asset compromises.

IN THIS ROLE, YOU WILL:

  • Build, integrate, and support information security solutions supporting executive strategies and ensuring the security of the information The Hanover is entrusted to protect.
  • Contribute to organizational initiatives within assigned area(s) of responsibility.
  • Collaborate with networking team, architects, developers, and others to ensure security.
  • Directly engage in troubleshooting and delivery with stakeholders, including end-users.
  • Provide information security engineering support across the organization –including off-hours support and on-call rotations as appropriate.
  • Apply best practices for security logging and alerting to prevent and detect security incidents.
  • Monitor and provide assurance of the overall health and effectiveness of prevention, detection, and response capabilities
  • Operate and ensure integrity of certificate management
  • Provide subject matter expertise for alerting and analyzing security events within the Security Operations Center to prevent and address security incidents
  • Collaborate with cybersecurity engineering and cyber threat intelligence teams to implement and tune security tools used by InfoSec operations
  • Enforce Technology Lifecycle Management for assigned technologies
  • Respond to metrics for incremental improvements in control design
  • Support strict change regimen (Impacts of doing it/not doing it, Enumerated plan and backout, different eyes on checkout, reasonable windows, conflicts)
  • Have technology Accountability for engineering of security controls that are resilient, measured, documented, maintained, tuned and well understood by operations.
  • Communication technical clarity & succinctness backed up by facts

WHAT YOU NEED TO APPLY:

  • Bachelor's degree or equivalent work experience (4 years of experience in lieu of Bachelor's) (Minimum Required)
  • 3+ years of IT Security experience, in areas such as security operations, incident analysis, incident handling, and vulnerability management or testing, log analysis, intrusion detection that directly relates to the responsibilities of this position. (required)
  • Hands-on experience with a variety of cybersecurity tools
  • Hands-on experience in a Windows / Linux environment
  • Hands-on experience with endpoint encryption, endpoint protection, anti-virus, security monitoring agents, vulnerability scanning, content analysis and filtering, data loss prevention.
  • Demonstrated experience with scripting languages such as PowerShell, Perl, and Python
  • Must have excellent trouble-shooting and problem-solving skills
  • Demonstrated understanding of Security Fundamentals, General IT knowledge, Network Systems, Firewalls, IDS/IPS Systems, Windows & Linux Systems Administration, Windows/Linux and MAC operating systems, Desktop Engineering, Cloud Technologies, Databases, and Software Development
  • Security certifications such as CISSP, CISM, CompTIA's Security+, CEH required or to be obtained within 18 months.
  • Ability and commitment to communicate effectively, consistently chooses appropriate communication methods to ensure critical information reaches and persuades intended audience
  • Strong team player. Uses strong interpersonal skills to build partnerships with stakeholders and peers
  • Possesses leadership qualities
  • Demonstrates a strong sense of accountability (ownership and commitment) toward achieving goals and tasks; making, meeting and communicating progress

CAREER DEVELOPMENT:


It’s not just a job, it’s a career, and we are here to support you every step of the way. We want you to be successful and fulfilled. Through on-the-job experiences, personalized coaching and our robust learning and development programs, we encourage you – at every level – to grow and develop.

BENEFITS:

We offer comprehensive benefits to help you be healthy, build financial security, and balance work and home life. At The Hanover, you’ll enjoy what you do and have the support you need to succeed.

Benefits include:

  • Medical, dental, vision, life, and disability insurance
  • 401K with a company match
  • Tuition reimbursement
  • PTO
  • 9 company holidays
  • Flexible work arrangements
  • On-site medical/wellness center (Worcester only)