Sr. Security Engineer
Esurance, Inc - San Francisco, CA

This job posting is no longer available on Dice. Find similar jobs:Senior Security Engineer jobs - Esurance jobs

Summary Esurance Network Operations Team is seeking a Sr Security Engineer as a member of its Information Security and Compliance team to bolster and maintain the security posture of Esurance applications services and infrastructure to protect against security threats ranging from intrusions malware system level breaches unauthorized access insider attacks and loss of proprietary information This individual is expected to be available for offhour support if needed and travel within the continental Unites States as needed Job Responsibilities Reporting to the IT Compliance Manager the Sr Security Engineer will proactively work with IT and business to identify security risks and implement practices that meet standards for information security The primary responsibility of the Sr Security Engineer include Security Architecture Develop and implement Enterprise Security Strategy Architect security solutions and technically lead their implementation from end to end Security Incident Response Oversee threat management and security incident handling including the coordination of investigations and reporting of security incidents to management in alignment with business needs and regulatory requirements Implementation of Security Controls – Design and operationalize controls to meet Esurance security and compliance needs Vulnerability Management – Work with Esurance development and infrastructure teams to identify and remediate application and infrastructure related vulnerabilities Security Governance Develop Information Security Policies Standards Procedures and best practices to support Esurance security control framework Ensure that security is factored into the evaluation selection and configuration of hardware applications and software Conduct third party security assessments as required Compliance Ensure compliance to Esurance control framework and best practices through continuous monitoring and gap analysis Provide support and guidance for legal and regulatory compliance efforts including audit support Security Awareness Promotes information security awareness throughout the company Develop information security as a core competency throughout the company Security Monitoring Ensure audit trails systems logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements Stay current with security technologies and threats and make recommendations for use based on business value Qualifications Security engineering experience including experience with encryption intrusion detection network security multiple operating systems (Windows UNIX Linux etc) directory services (Active Directory LDAP) Virtualization Security Security Information and Event Management (SIEM) tools and log management Experience with Network Security technologies including Firewalls various IDSIPS system cryptographic systems identity management systems RADIUS and TACACS Demonstrated ability to work independently as well as a member of a team Demonstrated analytical skill technical knowledge and practical application of information security at a business aware and technical level Experience in the Financial Services industry and solid understating of ISO 27001 SOX and Payment Card Industry (PCI) data security standards (PCI DSS) as well as experience in the implementation of controls to mitigate PCI issues CISSP certification is highly desirable Other industry standard certifications such as MCSE CCSE CCNA or GIAC also desirable Experience Education Bachelors degree (BS) in Computer Science or equivalent job experience Minimum 5 years security experience in implementing security solutions and processes Minimum 5 years experience with Network Security technologies including Firewalls Network Intrusion Detection IPSec VPNs SSL VPNs 2 Factor Authentication (RSA SecureID) RADIUS TACACS Access Control Windows, Unix, Linux, Active Directory, LDAP, Virtualization Security, Crytographic systems, RADIUS
About this company
63 reviews
Born online, raised by technology, and majoring in efficiency, Esurance offers consumers an easier, more modern way to manage insurance....