Sr Information Security Engineer

Company URL:

Berkley Technology Services (BTS) is the dynamic technology solution for W. R. Berkley Corporation a Fortune 500 Commercial Lines Insurance Company. With key locations in Urbandale IA and Wilmington DE BTS provides innovative and customer-focused IT solutions to the majority of WRBCs 60 operating units across the globe. BTSs wide reach ensures that ideas and opinions are considered at every level of the organization to guarantee we find the best solutions possible.

Driven by a commitment to collaboration BTS acts as consultants to our customers and Operating Units by providing comprehensive solutions that not only address the challenge at hand but proactively plan for the Whats Next in our industry and beyond.

With a culture centered on innovation and entrepreneurial spirit BTS stands as a community of technology leaders with eyes toward the future -- leaders who genuinely care about growing not only their team members but themselves and take pride in their employees who shine. BTS offers endless ways to get involved and have the chance to grow your career into a wide range of roles youd never known existed. Come join us as we push forward into the future of industry leading technological solutions.

Berkley Technology Services: Right Team Right Technology Simple and Secure.

The Senior Information Security Engineer is responsible for implementing and managing a comprehensive security program to protect our organizations data and systems from cyber threats. They will work closely with other members of the IT team to ensure the security of our infrastructure applications and data.

• Identify and define system security requirements across onpremises hybrid and cloud environments translating business and regulatory needs into actionable technical security controls and standards. (10%)
• Design security architectures and develop detailed cybersecurity designs for infrastructure applications and cloud services including identity network segmentation logging monitoring and privileged access models. (5%)
• Prepare maintain and document standard operating procedures technical standards and security protocols including cloud security baselines privileged access workflows and incident response runbooks. (10%)
• Configure manage and troubleshoot security infrastructure tools and platforms including identity and access management Privileged Access Management (PAM) cloud security services and security monitoring solutions. (10%)
• Develop and engineer technical security solutions to mitigate risk and improve operational efficiency with a strong focus on:
  • • Privileged Access Management (vaulting session management justintime access secrets management)
    • Cloud security controls for IaaS PaaS and SaaS environments
    • Automation of repeatable security tasks using scripting orchestration and Infrastructure as Code
      (15%)
    • Collaborate closely with IT and Information Security teams (infrastructure cloud application and DevOps) to ensure security controls are consistently implemented across systems applications data and cloud platforms. (10%)
• Monitor emerging cybersecurity threats attack techniques and industry trends assessing impact to the organization and recommending enhancements to tooling architecture and security posture. (5%)
• Provide technical guidance and hands-on support to IT teams on security best practices secure design patterns cloud security architecture and privileged access controls. (10%)
• Prepare and present project status risk updates and security initiatives to leadership clearly communicating technical concepts and risk-based recommendations. (5%)
• Lead and mentor junior security engineers providing technical direction design reviews knowledge sharing and support for skill development and career growth. (10%)
• Provide Person in Charge (PIC) coverage when on rotation acting as the senior escalation point for complex security issues incidents and operational decisions. This responsibility is factored into base salary. (5%)

• 5 years experience as a Cloud Security Engineer Information Security Engineer or Devsecops Engineer
• 5 years experience with network cloud and computer system security including security mechanisms such as user access controls role-based access control SSO file permissions firewall policies and audit logs.
• 5 years experience in security systems including firewalls intrusion detection systems endpoint protection systems web application firewalls vulnerability scanning software privilege access management data loss protection log management content filtering.
• 5 years experience in developing and deploying security solutions to defend against advanced cyber threats
• 5 years experience in reviewing and monitoring security systems to ensure they are functioning properly and securely
• 5 years experience with investigating intrusion incidents conducting investigations and handling security incidents.
• Bachelors degree in Computer Science Information Security Information Technology or related discipline
• CISSP CISM Azure Security Engineer or similar
• The Company is an equal employment opportunity employer.