The Director of Information Security Engineering role participates on a team of information security employees that own technical analysis, guidance, consulting, and configuration of information security tooling, operations, and projects.
Information Security Engineers help resolve tactical and strategic initiatives related to the information security function.
Responsibilities
The Director of Information Security Engineering fulfills the following asks :
- Identify opportunities to improve work processes and / or automate improvements to make them more effective and / or to strengthen security measures under limited or no supervision
- Assist and / or lead proof-of-concepts, analysis, and / or implementation of security tooling with limited or no direction
- Frequently monitor, test, and make improvements to security configurations (such as AWS, Azure, and / or GCP) practices in place for network, system, applications, and / or operations management without detailed oversight needed
- Consult with engineers to provide patch management configuration, identification and / or tool support as needed
- Leads projects and support Information Security team members with risk analysis of identified issues or events and is able to perform inspection to traverse multiple security tools and / or logs to uncover additional facts surrounding the event without direction
- Liaise with and support security operations center (SOC) analysts with limited or no direction
- Review, analyze and / or respond to phishing (abuse) submissions and alerts without direction, emphasis on increasing automation where able to reduce manual review
- Provide support and / or evidence as necessary for audits, regulatory exams, and / or assessments
- Provide information as necessary to track, communicate, and / or improve Information Security team metrics and / or reports
- Proactively identify opportunities and / or gaps in our security posture and influence others to support reducing security risk likelihood and / or impact
- Collaborates with IT and business partners to ensure security is factored in to the evaluation, selection, installation, and / or configuration of hardware, software and / or infrastructure
- Perform other related activities and projects as required
- Participate in an entirely remote working environment (such as using webcam and participating verbally or with reactions)
Required Skills
Ability to understand and work in varied computing environments (including AWS) with limited or no direction
Able to demonstrate understanding of a broad range of computer and information security topics; including networking, database mgmt.
application and infrastructure security, vulnerability management, identity access management, and X-as-Code concepts.
Strong understanding of common vulnerabilities and mitigations
Strong understanding of how to protect data and data movement
Able to problem-solve computer related issues without direction
Understanding of DevOps practices and Agile methodologies
Solid understanding of Identity Access Management concepts (in AWS preferred)
Able to manage multiple complex assignments without direction needed
Solid understanding of coding and / or scripting concepts in more than one language
Solid understanding of architecture concepts
Demonstrates written and verbal communication abilities, including with senior leadership
Work effectively with other employees in a fully remote environment
Strong time management
Required Experience
Bachelor or Master Degree in computer-related or information security related field and / or 6-12 years equivalent work experience required.
Information Security certifications (like CISSP) and / or AWS certifications preferred
Penn Mutual helps people become stronger. Our expertly crafted life insurance is vital to long-term financial health and strengthens people’s ability to enjoy every day.
Working with our trusted network of financial professionals, we take the long view, building customized solutions for individuals, their families, and their businesses.
We support our financial professionals with retirement and investment services through our wholly owned subsidiary, Hornor, Townsend & Kent, LLC, member FINRA / SIPC.
Base Salary - $153,000 - $190,000
Ability to understand and work in varied computing environments (including AWS) with limited or no direction
Able to demonstrate understanding of a broad range of computer and information security topics; including networking, database mgmt.
application and infrastructure security, vulnerability management, identity access management, and X-as-Code concepts.
Strong understanding of common vulnerabilities and mitigations
Strong understanding of how to protect data and data movement
Able to problem-solve computer related issues without direction
Understanding of DevOps practices and Agile methodologies
Solid understanding of Identity Access Management concepts (in AWS preferred)
Able to manage multiple complex assignments without direction needed
Solid understanding of coding and / or scripting concepts in more than one language
Solid understanding of architecture concepts
Demonstrates written and verbal communication abilities, including with senior leadership
Work effectively with other employees in a fully remote environment
Strong time management