The Senior Security Compliance Engineer will provide leadership, oversight, and hand on delivery of the IT Security solutions across different areas like infrastructure, network, and identity for the Arch Reinsurance Group worldwide. The individual will be responsible for working closely with the Reinsurance Infrastructure team, Security team and Shared Service team to provide comprehensive solutions to ensure compliance on security requirements. The individual will report to the Reinsurance VP of IT & Security Assurance and be responsible for security across multiple production environments in the cloud and on-prem, including ensuring conformity to IT Security Requirements and Best Practices (CIS, NIST, CSA). Travel up to 25% may be required. Position can be based in Farmington, CT, Morristown, NJ, or remote.
Work with multiple operational infrastructure
etwork teams, and ensure that we have secure-by-default systems.
Use your technical expertise to cultivate pragmatic engineering decision-making and sustain high engineering standards.
Supports the implementation and maintenance of assigned information security solutions to ensure successful deployment and operations; develops and documents detailed standards (e.g., guidelines, processes, procedures).
Design and implement solution on security controls to achieve desired risk mitigation results.
Monitors existing security controls, assesses gaps and recommend improvements to the IT environment.
Coordinate penetration testing, simulating an attack on the system to find exploitable weaknesses, and monitors networks and systems for security breaches.
Collaborate with other IT teams including Engineering to design and implement remediation solutions.
Provide support in the event of escalated security incidents (diagnose, troubleshoot, and resolve issues).
Support the implementation of hardware and software changes into environments to ensure security requirements are met.
7+ years of work experience in implementing and supporting network infrastructure for large enterprise networks including data centers and hybrid-cloud environments
2+ years of hands on experience as a network engineer with moderate-size operational network (hundreds of devices).
2+ years of security engineering experience
2+ years of experience with firewall technology (Palo Alto, Cisco)
Knowledge of scripting languages (PowerShell, python, etc.)
Basic knowledge of network protocols
Basic knowledge of physical and virtualized networking fundamentals, such as routing, switch, network configuration in VMware and Citrix
1+ year of experience in database technologies
1+ year of experience in software development
Certification Requirements:Preferably two or more of the following
CEH - Certified Ethical Hacker
ISSAP - Information Systems Security Architecture Professional
ISSEP - Information Systems Security Engineering Professional
CISSP - Certified Information System Security Professional
CIS - Certified Information Systems Auditor (CISA)
CCNP - Cisco Certified Network Professional
PCNSE - Palo Alto Certified Network Security Engineer
Cisco CCIE Security
Experience must include familiarity with applicable NIST, ISO, and CIS information security documentation
3+ years of working hands-on experience in the following:
Identifying, exploiting, and remediating Network attacks
Network auditing and monitoring including SIEM experience
Cloud Security (AWS and Azure)
Recommending, communicating, and tracking remediation of IT Threats
2+ years of experience with Next Generation Firewall
2+ years of implementing network segmentation
2+ years of experience with micro-segmentation platforms, such as VMware NSX or Cisco ACI
2+ year of implementing and administration of Network Access Control solutions such as Cisco ISE
Strong knowledge of F5 load balancers, TACACS, etc.
Hands-on experience with Cisco Nexus and Catalyst Series switches design and implementation
Deep understanding of various network protocols and technologies such as OSPF, BGP, MPLS, VxLAN, etc.
Strong understanding of Network monitoring, analysis, and familiarity with tools such as Cisco DNA Center, Cisco Prime, Solar Winds, etc.
Experience with SD-WAN support and implementation
Arch Capital Group Ltd. is a Bermuda-based company which provides insurance, reinsurance and mortgage insurance on a worldwide basis. Arch Capital Services LLC provides support and expertise to entities across ACGL to help them operate effectively and efficiently. Arch is committed to helping its associates create what's next by providing access to a variety of programs supporting your professional development and a culture that encourages innovation, collaboration and professional growth. We seek talent that thinks innovatively, values collaboration and will go the extra mile to serve our customers and develop our company.
Arch Capital Group Ltd.