Senior Security Engineer

Pemco Mutual Insurance Company Seattle , WA 98113

Posted 2 months ago

Who We Are

At PEMCO it's all about people, starting with our customers. We're a mutual insurance company owned by our Northwest policyholders and protecting their dreams since 1949. We believe in listening to our customers and showing that we understand them in ways that others don't.

Working at PEMCO, you will enjoy the benefits of working for a thriving and growing company, sharing ideas, learning and seeing the impact of your work, while also enjoying positive energy and work-life balance. We're a company of 500+ relationship-focused, community-minded people, serving our policyholders from our modern office in the South Lake Union neighborhood of Seattle."

Why We Need You

This role provides technical and Information Security engineering direction and leadership. You will work collaboratively with all technical support areas to ensure systems are designed, implemented and supported consistent in maintaining security standards.

What You'll Be Doing

Strategy & Planning

  • Collaborate with other groups to ensure secure and reliable implementation and operation of software and systems for fulfilling business objectives and processes.

  • Work with executive team members, decision makers, and stakeholders to define business requirements and systems goals, and to apply appropriate Security controls.

Acquisition & Deployment

  • Design and deploy secure new operating systems, applications and enhancements to existing applications, software, and operating systems to improve performance and reliability

  • Perform cost-benefit and return on investment analyses for proposed systems to aid management in making implementation decisions regarding Security toolsets and controls.

Operational Management

  • Analyze the effectiveness and efficiency of existing security systems, controls, and standards; develop and implement strategies for improving or further leveraging these systems.

  • Provide thought leadership in security engineering for the company.

  • Support day-to-day information security program administration.

  • Work collaboratively with technicians to ensure designs meet security standards: Develop security controls and perform validation testing; contribute to design documentation and other project deliverables, as necessary.

  • Design, implement and support highly confidential or niche security systems.

  • Perform troubleshooting, forensic analysis and investigations for security and all incidents to determine level of Incident Response, mitigation and resolution.

  • This role may require detailed technical work in the event a conflict of interest is suspected or exists.

  • Mentor, remain current, and provide guidance to others on security best practices.

What You'll Bring

  • 10 years of experience working with information processing and information security products and technologies.

  • BA/BS in science or technology-related field or equivalent preferred.

  • CISSP certification required

  • Experience in supporting a wide range of compliance audits.

  • Proven experience with systems planning, security principles, and general software management best practices.

  • Excellent interpersonal, verbal and written communications skills. Must effectively produce, communicate and implement systems documentation, reports, and business correspondence.

  • Ability to conduct research into systems issues and products as required (Troubleshooting).

  • Ability to communicate ideas in both technical and user-friendly language.

  • Ability to work in a team-oriented, collaborative environment.

  • Ability and willingness to work hours outside of normal business hours.

  • Must have strong organizational skills and the ability to manage multiple projects and tasks.

  • Working knowledge of secure TCP/IP network architecture and enterprise computer/infrastructure operations required

  • Required technical skills:

  • Active Directory Security along with application of Group Policy Objects

  • Cicso IOS

  • Microsoft Stack

  • Multi-factor authentication

  • SQL Security Hardening

  • IIS Security Hardening

  • Web Application Security/Firewalls

  • Network hardening with ACLs (understanding protocols)

  • SSL/VPN Remote Access

  • Unix/Linux, intrusion detection systems

  • Network vulnerability assessment tools

  • Forensics knowledge

We've Got You Covered

  • Competitive salary

  • 200% match on your 401(k) up to 6% of your pay

  • Generous medical, dental, disability and life insurance plans

  • A friendly, professional work environment

  • The opportunity to work at a place of integrity, where customer service is emphasized

At PEMCO, we celebrate and support our differences. We know employing a team rich in diverse thoughts, experiences, and opinions allows our employees, our products and our community to flourish. PEMCO is honored to be an equal opportunity workplace. We are dedicated to equal employment opportunities regardless of race, color, ancestry, religion, sex, national orientation, age, citizenship, marital status, disability, gender identity, sexual orientation or Veteran status.


See if you are a match!

See how well your resume matches up to this job - upload your resume now.

Find your dream job anywhere
with the LiveCareer app.
Download the
LiveCareer app and find
your dream job anywhere
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Senior Security Engineer

Electronic Arts

Posted 3 weeks ago

VIEW JOBS 10/24/2018 12:00:00 AM 2019-01-22T00:00 Requisition Number:153270 Position Title:Software Engineer II - Security External Description: The Principal Security Engineer is a member of the Verification & Pentest team under the Game & Product Security Engineering group within EA's Information Security department. As a Principal Security Engineer, your primary job will be to discover vulnerabilities in EA's games and gaming infrastructure. Your work will help protect our business data, our employee data, and most importantly, our customers. The security assessments you perform will cover everything from web applications, to network infrastructure, to white-box and black-box reviews of thick clients and servers. In addition to identifying security issues, you'll need to determine the business risk posed by the vulnerabilities you discover and be able to communicate your findings across teams to both technical and non-technical audiences. You will also assist in EA's anti-cheating, anti-fraud, and anti-piracy efforts. The ideal candidate has a deep understanding of security principals and a passion to learn new technologies, challenge assumptions, and find new ways to solve problems. Requirements * Bachelor's degree or Master's Degree in Computer Science or Information Security * Fundamental understanding of CWE Top 25 and OWASP Top 10 vulnerabilities, and ability to discover these vulnerabilities in assessment targets * Knowledge of operating systems internals for Windows, Linux, iOS, and Android * Network infrastructure security knowledge for both traditional networks and cloud * Ability to read and understand unfamiliar code and to identify new application security vulnerabilities in C++, Java, C#, and common scripting languages * Experience with security assessment tools such as Burp Suite, Nessus, nmap, and Wireshark * Experience with reverse engineering tools such as IDA Pro, OllyDbg, and Windbg * Software development experience and the ability to write your own tools and automation scripts * Ability to find all instances of a given vulnerability in a product upon discovering a single instance of the vulnerability * Previously published CVEs, security tools, and whitepapers * Experience delivering talks at security conferences * Excellent verbal and written English skills, interpersonal skills, and professionalism in dealing with all levels of management and staff * Trustworthiness, as you will be trusted to handle sensitive assets Focus Areas * Conduct static and dynamic application security vulnerability research assessments on EA products running on PC, web, mobile, and consoles * Perform network infrastructure security assessments on game servers and gaming infrastructure * Advise and consult with EA staff to identify and reduce security risks * Solve complex technical problems and articulate to both technical and non-technical partners * Identify root causes for vulnerabilities (whether they be in design, in implementation, or in configuration) and recommend future preventative measures * Teach, learn, and develop your skillset within the team * Research and develop security assessment tools, techniques, and process improvements * Provide our group with information necessary to improve security throughout the organization via EA's internal educational programs such as Security Awareness * Enhance the existing library of development examples and materials to improve the integration of security into the Secure Software Development Life Cycle (SSDLC) * Provide relevant metrics that allow our group and the general business to understand risk as it pertains to our business and products * Deliver talks at security conferences and gaming conferences * Publish security tools and whitepapers City: State: Community / Marketing Title:Senior Security Engineer Company Profile: Electronic Arts Inc. is a leading global interactive entertainment software company. EA delivers games, content and online services for Internet-connected consoles, personal computers, mobile phones and tablets. EEOText:EA is an equal opportunity employer. All employment decisions are made without regard to race, color, national origin, ancestry, sex, gender, gender identity or expression, sexual orientation, age, genetic information, religion, disability, medical condition, pregnancy, marital status, family status, veteran status, or any other characteristic protected by law. We will also consider for employment qualified applicants with criminal records in accordance with applicable law. EA also makes workplace accommodations for qualified individuals with disabilities as required by applicable law. Date Opened:2018-10-23 20:08:33.933 EEO Employer Verbiage: EA is an equal opportunity employer. All employment decisions are made without regard to race, color, national origin, ancestry, sex, gender, gender identity or expression, sexual orientation, age, genetic information, religion, disability, medical condition, pregnancy, marital status, family status or veteran status. We will also consider for employment qualified applicants with criminal records in accordance with applicable law. Location:Seattle Location_formattedLocationLong:Seattle, Washington US Electronic Arts Seattle WA

Senior Security Engineer

Pemco Mutual Insurance Company