What are the responsibilities and job description for the IT Security Engineering Supervisor position at Tokio Marine HCC?
Tokio Marine HCC is a global insurance company with a presence in over 180 countries. We provide assurance to the farmers that provide food for our lives, we support the artists that enrich our minds through music, all the way to the baseball players at the World Series. Have you considered the insurance needed for all the Amazon delivery drivers or the cyber-attacks that have infiltrated companies like Target and many others? At TMHCC our priority to know the risks and how to help our world, be prepared for them.
Just as we prioritize being a leader in the Risk Management field, we prioritize the people that make us industry experts. At TMHCC you have access to comprehensive benefits through our THRIVE initiative. What does that mean? Paid parental leave, 401K matching, options when it comes to your medical care, flexible work from home days, career development and prioritization of continued education. It is our priority to be a good company.
Over the last 5 years the security team has grown and flourished. We are leading the future of cyber security, creating new foundations for our organization to leverage technology as a competitive edge in the specialty insurance industry. The team has continued to exceed expectations and expanded it’s capabilities. As a result, the Cyber Security group is seeking an IT Security Engineering Supervisor to manage and lead the team maintaining our security infrastructure.
The Role:
Lead a team of engineers accountable for accomplishing the following responsibilities and has substantial latitude for actions or decisions made with minimal review. Drive an ownership culture of supported solutions within the engineering team with a focus on best practices, optimization, and continuous improvement.
the details …
- Oversee resolution of operational issues with appropriate technical, professional, and service personnel.
- Ensure service requests are completed in a timely manner including account provisioning, access requests, and other services that are ticket driven.
- Ensure monitoring and compliance activities are completed in a timely manner including scheduled control activities and procedures related to security monitoring.
- Plan, conduct, and manage security engineering assignments.
- Recommend improvements in security operations and procedures.
- Identify, recommend, and implement corrective actions in response to security violations.
- Perform security assessments to determine vulnerabilities in systems and applications.
- Identify and communicate potential threats to information assets.
- Develop and administer security policies, standards, and procedures to protect information assets.
- Analyze and configure security systems to meet security architecture requirements.
- Ensure that the organization's data and infrastructure are protected by enabling the appropriate security controls.
- Maintain awareness of and respond to cybersecurity trends, best practices, threats, tactics, techniques, and procedures (TTPs).
- Participate in the change management process.
The Requirements:
- Bachelors in Degree in Cyber Security, MIS, Information Technology, a related field, or the equivalent education or experience.
- Preferred CISSP, CISM, Security , GIAC, or other vendor-specific security certifications
- One year or more of leadership experience.
- Experience with Vulnerability Management and Analytics Platforms (Qualys, Tenable, Rapid 7, Kenna, etc.) in an enterprise environment.
- Experience with static and dynamic code scanning tools, interpreting results, and working with development teams to achieve remediation.
- General multi-platform knowledge of IT disciplines (server/virtualization, network, cloud, applications, DevOps, Linux, etc.)
- Have worked in an environment with information security tools for intrusion monitoring, filtering, event management, and compliance management.
- In depth knowledge of authentication and access systems, system logging, and event correlation tools.
- General knowledge of regulatory requirements such as Sarbanes-Oxley, Payment Cards Industry, Health Information Portability and Accounting Acts (HIPAA), along with US and European data privacy laws.
# LI-ME2