Security EngineerSr Security Engineer
Security EngineerSr Security Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
What part will you play If youre looking for a place where you can make a meaningful difference youve found it. The work we do at Markel gives people the confidence to move forward and seize opportunities and youll find your fit amongst our global community of optimists and problemsolvers. Were always pushing each other to go further because we believe that when we realize our potential we can help others reach theirs.
Join us and play your part in something special!
Title
Security Engineer / Senior Security Engineer Cyber Technology Engineering
Job Summary
A Senior Security Engineer at Markel has a wide range of responsibilities to secure the enterprise environment and reduce enterprise risk. This roles primary responsibility is to provide operational support documentation and maintenance of a variety of security tools and infrastructure with a focus on Microsoft 365 & Cloud Security. This role will act as a technical resource for policy development secure architecture regulatory and industry requirements enterprise projects and other Markel initiatives. This position is part of the Cyber Technology Engineering team within the Global Security Services (GSS) division of Markel.
Job Responsibilities
- Responsible for secure configuration of cloudbased collaboration and productivity tool suites.
- Oversee changes to the cloud environment and deployment of software to ensure protection.
- Subject matter expert on applying the corporate security framework to cloud application design to support secure implementation.
- Develop appropriate cloud security architecture to be implemented in support of business and security initiatives and compliance requirements.
- Produce or assist in creation of metrics to report on the state of Cloud Security that is shared with multiple levels of the business.
- Ensure secure processes for authentication authorization and encryption with a deep understanding of API integrations conditional access MFA and zero trust methodology for cloud solutions.
- Responsible for secure configuration of mobile technology solutions including secure access solutions.
- Create and maintain environments for the Global Security Services team to test security solutions settings and designs.
- Create new ways to ensure appropriate levels of security and risk mitigation exists throughout the organization on premise and cloud environments.
- Write and implement automation scripts for a variety of security needs.
- Project support from evaluation to implementation of new and emerging security products and technologies.
- Serve as a technical resource for other departments within the Global Security Services division.
- Provide operational support and maintenance for various security tools to include vulnerability management endpoint detection and response SIEM and other technologies as required.
- Participate in various run the engine processes such as firewall change approvals software risk reviews email security policy modifications etc.
- Keep current with the latest security policies news and events surrounding cyber threats and security and apply to experience to protect the network.
- Keep all technical skills up to date and share information learned about data protection to peers.
- Work with Manager to provide guidance instruction mentoring and leadership to junior team members for purposes of achieving functional goals and objectives.
- Effectively communicate complex security problems and recommended solutions to an audience with varying levels of security and technical knowledge.
- Document and define corporate security policies standards and procedures.
- Develop documentation and diagrams to support ongoing security systems operations maintenance and problem resolution.
- Interpret and establish recommendations on controls to meet compliance and regulatory requirements for NY State/PCI/GDPR/NIST/etc.
- Other duties as necessary including but not limited to incident response change management system maintenance etc.
Education
- 5 years related work experience & industry certification in cyber security.
- Bachelors degree in Computer Science or Engineering with a focus on Cyber Security Digital Forensics or related work experience/certification.
Certification
CISSP CCSP CCSK CompTA Security or similar industry approved certifications. Desirable
Work Experience/Skill Set
- Minimum of 5 years experience with Azure.
- Minimum of 3 years experience focusing on Azure security.
- Minimum of 3 years experience in securing collaboration/productivity suites such as O365.
- Strong understanding of cloud concepts cloud network solutions and concepts including experience with products defined in SASE solutions.
- Strong Understanding of secure architecture and design of IaaS PaaS and SaaS solutions.
- Strong Microsoft Office knowledge.
- Strong communication organization documentation and presentation skills Attention to detail and Critical Thinking
- Ability to identify and evaluate risks in the design and operation of systems components and configurations.
- Ability to collaborate with team vendors and customers directly on systems security.
- Ability to work during afterhours and during planned maintenance windows as required.
- High level of motivation team orientation professionalism and trustworthiness.
- Advanced ability to operate well under pressure multitask and resolve difficult problems either independently or as a team.
- Ability to comprehend and grasp concepts involving computer intrusion activities incident response techniques tools and procedures.
- Experience creating scripts with preference to experience in PowerShell and Python.
- Experience with IT process risk and control frameworks such as NIST COBIT and ISO is preferred.
- Thorough knowledge of digital forensics methodology as well as security architecture system administration and networking (including TCP/IP DNS HTTP SMTP)
- Understanding of DevOps techniques and technologies such as Azure DevOps Terraform or similar container technologies such as Kubernetes or Docker and secure API concepts cloudbased identity and access solutions such as Azure AD and the concept of zero trust.
- Fundamental knowledge of Windows and Linux Operating Systems concepts terminology topology protocols components and operations network security architecture concepts and configurations including firewalls Web filtering/proxy intrusion prevention systems web application firewalls NGAV DLP PAM Vulnerability Scanning IAM Encryption Email Protection UBA SIEM cloud security server administration API integration and change management practices etc.
- Fundamental skill in installing configuring and troubleshooting security solutions.
- Basic knowledge of virtualization and hypervisor environments database and data lake systems.
#LIHybrid
#deib
#piq
US Work Authorization
- US Work Authorization required. Markel does not provide visa sponsorship for this position now or in the future.
Who we are:
Markel Group (NYSE MKL) a fortune 500 company with over 60 offices in 20 countries is a holding company for insurance reinsurance specialist advisory and investment operations around the world.
Were all about people We win together We strive for better
We enjoy the everyday We think further
Whats in it for you:
In keeping with the values of the Markel Style we strive to support our employees in living their lives to the fullest at home and at work.
We offer competitive benefit programs that help meet our diverse and changing environment as well as support our employees needs at all stages of life.
All fulltime employees have the option to select from multiple health dental and vision insurance plan options and optional life disability and AD&D insurance.
We also offer a 401(k) with employer match contributions an Employee Stock Purchase Plan PTO corporate holidays and floating holidays parental leave.
Are you ready to play your part
Choose Apply Now to fill out our short application so that we can find out more about you.
Caution: Employment scams
Markel is aware of employmentrelated scams where scammers will impersonate recruiters by sending fake job offers to those actively seeking employment in order to steal personal information. Frequently the scammer will reach out to individuals who have posted their resume online. These job offers include convincing offer letters and frequently ask for confidential personal information. Therefore for your safety please note that:
All legitimate job postings with Markel will be posted on Markel Careers. No other URL should be trusted for job postings.
All legitimate communications with Markel recruiters will come from Markel email addresses.
We would also ask that you please report any job employment scams related to Markel to .
Markel is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of any protected characteristic. This includes race; color; sex; religion; creed; national origin or place of birth; ancestry; age; disability; affectional or sexual orientation; gender expression or identity; genetic information sickle cell trait or atypical hereditary cellular or blood trait; refusal to submit to genetic tests or make genetic test results available; medical condition; citizenship status; pregnancy childbirth or related medical conditions; marital status civil union status domestic partnership status familial status or family responsibilities; military or veteran status including unfavorable discharge from military service; personal appearance height or weight; matriculation or political affiliation; expunged juvenile records; arrest and court records where prohibited by applicable law; status as a victim of domestic or sexual violence; public assistance status; order of protection status; status as a smoker or nonsmoker; membership or activity in local commissions; the use or nonuse of lawful products off employer premises during nonwork hours; declining to attend meetings or participate in communications about religious or political matters; or any other classification protected by applicable law.
Should you require any accommodation through the application process please send an email to the.
No agencies please.
Required Experience:
Senior IC
Employment Type
Full-Time
