Risk Management Solutions Boston , MA 02298
Senior Security EngineerKey Responsibilities:
The Senior Security Engineer will be responsible for
Ensuring applications, networks, systems and cloud services are planned, designed, developed, implemented, and monitored in accordance with security controls related to SOC 2, ISO 27001 and the RMS Information Security Policy
Developing, implementing and monitoring enterprise information security architectures and solutions for on-premise and Azure hosted infrastructure for both corporate and customer environments
Analyzing infrastructure, networking, and system design from a security perspective and providing recommendations and approvals for implementation decisions
Analyzing network traffic patterns, system logs, SIEM and endpoint security tools for unusual or suspicious activity
Defining, implementing and executing incident response playbooks in conjunction with the Security Operations Center
Working closely with the Security Operations Center to develop new data feeds and services for continuous monitoring and detection capabilities, including the writing of data parsers, installation of data connectors and log collectors, and tuning and aggregating multiple security alerting sources
Reviewing firewall policy rules and performing security risk assessments and approvals for network and system configuration changes
Assisting in the development and automation of threat management, vulnerability management, and incident management processes
Working closely with cross-functional teams to embed security, logging, auditing, and support for all corporate and cloud operations
Performing assessments of security tools, vendors, and solutions to support information security roadmap initiatives
Minimum 7+ years of experience in Information Security with an emphasis on network and system security
At least one security-related certification, such as CISSP, GIAC, CompTIA Security+, required. CISSP strongly preferred.
Experience with the development, deployment, and automation of security solutions in an enterprise cloud-based environment
Experience in DevOps environments and maintaining security in CI/CD processes highly desired
Solid understanding of Microsoft Azure architecture and services
Detailed understanding of Microsoft Office 365 application security, especially related to email and One Drive
Deep understanding of VPN, PKI, IPAM and MFA technologies required
Demonstrated proficiency in system hardening techniques for Microsoft Windows, Linux, and Mac OSX
Knowledge of technical security control environments and compliance frameworks including CSA CCM, ISO 270001 and SOC 2
Hands-on technical proficiency with IDS/IPS and SIEM tools. IBM QRadar, Splunk, and Graylog expertise highly preferred.
In-Depth knowledge of TCP/IP addressing and standards including network design, firewall configuration, load balancing, remote access, strong authentication, vulnerability scanning, VPN and DMZ management
Proven ability to manage priorities & deadlines and to work independently in a highly dynamic and diverse environment with multiple concurrent projects happening simultaneously.
Experience in creating detailed solution design documents & diagrams
Demonstrated experience in investigating security issues related to the Internet, server, desktop, laptop, tablet and other mobile device security issues; OS patching, hardening and anti-virus
Demonstrated ability to facilitate automation and integration through scripting in Powershell, Python, Perl, etc, highly preferred.
There's a 5% chance that a hurricane will cause $60 billion of insured losses next year and a 1% chance an earthquake will cause $50 billion of insured loss in the next 12 months. At RMS, we build the simulation models that allow insurers and investors to understand portfolio risks due to catastrophes: natural catastrophes (hurricane, earthquake, flood), terrorism, pandemic, and changes in life expectancy.
We are one of the most exciting companies you've probably 'never' heard of, unless you're one of our hundreds of clients in the (re)insurance, banking or hedge fund sector. We lead an industry we helped pioneer and ultimately our work makes a true impact on the world at large. How we understand and manage risk affects everybody and our passion is nothing less than creating a more resilient world through a better understanding of catastrophic events.
We are evolving our vision by delivering future solutions in the cloud, our cutting-edge risk management platform 'RMS(one)' for the global risk market. RMS(one) will create a holistic and integrated view across the enterprise with one platform for all models, all points of view, and all data. All will be run as equal partners on RMS(one).
RMS has 1,200 employees in 11 countries, including offices in Newark (CA-USA), Noida (India), London (UK), Hoboken (NJ-USA), and Zurich (Switzerland).
To find out more, visit www.rms.com or follow us on Facebook, LinkedIn or @rmsjobs on Twitter.
RMS is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity without regard to race, color, creed, gender, religion, marital status, registered domestic partner status, age, national origin or ancestry, physical or mental disability, genetic characteristics, sexual orientation, or any other classification protected by applicable local, state, or federal law.
RMS is enrolled in E-Verify and will be participating in E-Verify in addition to our Form I-9 process. www.dhs.gov/E-Verify.
To all recruitment agencies: RMS does not accept unsolicited agency resumes and will not responsible for the payment of placement fees related to unsolicited resumes submitted to open positions, job aliases, or to our employees.