Senior Cybersecurity Engineer

MSIG US continues to grow! 

Summary/Job Purpose:

The Senior Cybersecurity Engineer will support the Information Security Officer in designing, developing, and implementing cybersecurity and IT security solutions for MSIG – North America. Responsibilities include managing Azure NSG, WAF, VPN devices, load balancers, firewalls, and other security infrastructure.

Essential Functions:

• Identify, assess, and mitigate risks to ensure data and system security and integrity. Manage and maintain the vulnerability and patch management program.
• Ensure compliance with regulatory requirements and industry standards, including PCI, NYDFS, and NIST.
• Collaborate with the Information Security Officer to develop and implement robust security architectures and designs to protect against cyber threats.
• Lead and execute cybersecurity projects from conception to completion, ensuring effective security measures are deployed.
• Monitor and manage IPS/IDS managed services, both internal and outsourced.
• Maintain and update a comprehensive information security program that includes policies and processes to minimize risk and ensure data integrity and availability.
• Evaluate and implement tiered defensive posturing systems and policies to defend against malware threats.
• Create and maintain information security policies, standards, controls, and procedures to comply with evolving laws and regulations.
• Use a risk-based approach to secure applications, databases, or infrastructure based on technology and business needs.
• Manage testing and vulnerability analysis, including third-party scanning, pen testing, and network security providers.
• Oversee the Identity and Access Management Platform – OKTA and Azure AD.
• Administer Illumio and Zscaler for micro-segmentation and zero trust security models to reduce attack surfaces and limit lateral movement within the network.
• Conduct phishing simulation training programs to educate employees on identifying and avoiding phishing attacks.
• Resolve security-related cases escalated by Level 1 Helpdesk.
• Handle proxy issues requiring manufacturer intervention for final resolution.
• Maintain documentation and continuously improve existing infrastructure, network/security, and audit standards.
• Manage and maintain technologies such as antivirus, encryption systems, firewalls, access, and authentication technologies.

Supervisory Responsibilities: Manage off-shore support resources and vendors supporting email and security applications.

Qualifications:

• Problem Solving: Identifies root causes and resolves issues promptly.
• Teamwork: Balances team and individual responsibilities effectively.
• Customer Service: Responds to end-user issues promptly.
• Judgment: Makes timely and sound decisions.
• Planning/Organizing: Prioritizes and plans work activities efficiently.
• Quality: Demonstrates accuracy and thoroughness.
• Initiative: Volunteers readily, engages in self-development, and seeks increased responsibilities.
• Innovation: Displays original thinking and creativity.

Education and Experience Required:

• Bachelor's degree in computer science or a related field.
• 5 to 7 years of technical experience in a security environment.
• Over 3 years of experience with Security Information and Event Management (SIEM) tuning and reporting.
• 5 to 7 years of experience in managing security for users, platforms, and devices, including authentication, access controls, authorization, and integration of enterprise directories with other systems in large, complex environments.
• Proficiency with enterprise-class security products such as Identity Access Management, Web Access Management, and Single Sign-On.
• Strong knowledge of common security frameworks and regulations, with substantial experience in cloud environments.
• Expertise in security-related topics, including authentication, entitlements, identity management, data protection, data leakage prevention, validation checking, encryption, the principle of least privilege, software attack methods, secure data transfer/storage, etc.
• Excellent verbal and written communication skills, with the ability to convey information clearly to team members, stakeholders, and senior managers.
• Deep understanding of protocols such as TCP/IP, HTTP, and TLS/SSL at OSI network layers.
• Experience with security tools and creating detailed documentation.
• Experience managing vendor relationships with security and technology manufacturers, consultants, or VARs, including negotiating contracts and coordinating activities related to hardware, software, telecommunications, support, and training vendors.

Required License or Certification:

• CompTIA Security+ - Required.
• CISA - Required.
• Proficiency with Microsoft Office Suite, MS Project.

Other Requirements:

• The position requires working some evenings and weekends for installing, maintaining, or monitoring devices and implemented technologies.
• Up to 20% travel may be required to other office locations for meetings, seminars, and training.

It's an exciting time for our company and a great opportunity to join a financially sound and growing global insurance group!  
It is the policy of MSIG-USA to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, MSIG-NA will provide reasonable accommodations for qualified individuals with disabilities.