What are the responsibilities and job description for the Security Engineer I position at Verisk?
Company Description
We help the world see new possibilities and inspire change for better tomorrows. Our analytic solutions bridge content, data, and analytics to help business, people, and society become stronger, more resilient, and sustainable.
Job Description
As a Security Engineer, your primary focus will be to enhance EES’s security stance. The IT Security Engineer must possess strong analytical and communication skills; assess client needs against security concerns; resolve technical and procedural information security risks.
Responsibilities include implementation and support of our security suite of tools including but not limited to vulnerability scanners, proxies, firewalls, SIEM and end point protection. An ability to collaborate with multi-discipline teams to investigate and remediate incidents as well as experience implementing cloud security controls.
About the Day to Day Responsibilities of the Role
Essential Functions:
• Implement and support security tools not limited to but including Splunk, CyberArk, FireEye, Cisco stack, AWS security tools
• Capacity for continual learning and ability to absorb new paradigms.
• Work with architecture teams to understand enterprise solutions and impacts of security controls.
• Assist in the implementation of EES data security and privacy policies and procedures across multiple locations/units.
• Oversee vulnerability scan results and remediation efforts.
• Act as liaison with Verisk Enterprise Risk and Compliance and business stakeholders.
• Complete all responsibilities as outlined on annual Performance Plan.
• Complete all special projects and other duties as assigned.
• Must be able to perform duties with or without reasonable accommodation
• Enable the design and operation of related compliance monitoring and improvement activities to ensure compliance both with internal security policies and applicable laws and regulations with necessary means of continuous monitoring.
• Assess client needs against security concerns and articulates issues and potential risks to management.
• Facilitate and design compensating controls when needed.
• Investigate security events generated from enterprise systems including Intrusion Detection Systems (IDS/IPS), Anti-malware and Anti-virus systems, and vulnerability scanning.
• Evaluate security risks and identify and define compliance strategies in accordance with policies and standards.
• Communicate with multiple departments and levels of management in order to resolve technical and procedural information security risks.
• Stay abreast of current security threats and security technologies.
Qualifications
• Bachelor’s/Master Degree in computer science, Information Systems, or other related field, and/or equivalent work experience.
• 1-5 years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, networking, systems administration.
• Preferred: At least 1 to 5 years of experience in IT security and compliance.
• Ability to manage demands of internal and external customers through phone, email, and process requests
• Understanding of attack vectors
• Strong organizational skills to manage fast paced and demanding requests in a defined service level
• Knowledge of data security fundamentals and best practices with prior responsibilities of protecting information assets.
• Endpoint security solutions, including file integrity monitoring and data loss prevention.
• AWS and cloud platform as a service (PaaS and SaaS) security.
• Excellent written and verbal communication skills.
• Familiarity with IT Governance, Risk and Compliance practices and processes, and solid business acumen.
• SANS, AWS and other certificates desirable
#LI-MV1
Additional Information
Extreme event solutions at Verisk (formerly AIR Worldwide) provides risk modeling solutions that help individuals, businesses, and society become more resilient to extreme events. In 1987, Verisk founded the catastrophe modeling industry and today models the risk from natural catastrophes, supply chain disruptions, terrorism, pandemics, casualty catastrophes, and cyber incidents. Insurance, reinsurance, financial, corporate, and government clients rely on Verisk’s advanced science, software, and consulting services for catastrophe risk management, insurance-linked securities, longevity modeling, site-specific engineering analyses, and agricultural risk management. Verisk’s extreme event solutions team is headquartered in Boston, with additional offices in North America, Europe, and Asia. For more information, please visit www.air-worldwide.com. For more information about Verisk, a leading data analytics provider serving customers in insurance, energy and specialized markets, and financial services, please visit www.verisk.com.
At the heart of what we do is help clients manage risk. Verisk (Nasdaq: VRSK) provides data and insights to our customers in insurance, energy and the financial services markets so they can make faster and more informed decisions.
Our global team uses AI, machine learning, automation, and other emerging technologies to collect and analyze billions of records. We provide advanced decision-support to prevent credit, lending, and cyber risks. In addition, we monitor and advise companies on complex global matters such as climate change, catastrophes, and geopolitical issues.
But why we do our work is what sets us apart. It stems from a commitment to making the world better, safer and stronger.
It’s the reason Verisk is part of the UN Global Compact sustainability initiative. It’s why we made a commitment to balancing 100 percent of our carbon emissions. It’s the aim of our “returnship” program for experienced professionals rejoining the workforce after time away. And, it’s what drives our annual Innovation Day, where we identify our next first-to-market innovations to solve our customers’ problems.
At its core, Verisk uses data to minimize risk and maximize value. But far bigger, is why we do what we do.
At Verisk you can build an exciting career with meaningful work; create positive and lasting impact on business; and find the support, coaching, and training you need to advance your career. We have received the Great Place to Work® Certification for the fifth consecutive year. We’ve been recognized by Forbes as a World’s Best Employer and a Best Employer for Women, testaments to our culture of engagement and the value we place on an inclusive and diverse workforce. Verisk’s Statement on Racial Equity and Diversity supports our commitment to these values and affecting positive and lasting change in the communities where we live and work.
Verisk Analytics is an equal opportunity employer.
All members of the Verisk Analytics family of companies are equal opportunity employers. We consider all qualified applicants for employment without regard to race, religion, color, national origin, citizenship, sex, gender identity and/or expression, sexual orientation, veteran's status, age or disability.
http://www.verisk.com/careers.html
Unsolicited resumes sent to Verisk, including unsolicited resumes sent to a Verisk business mailing address, fax machine or email address, or directly to Verisk employees, will be considered Verisk property. Verisk will NOT pay a fee for any placement resulting from the receipt of an unsolicited resume.
Consumer Privacy Notice
Effective November 15, 2021, and subject to applicable law, all prospective hires for this position will be required to demonstrate that they are fully vaccinated against COVID-19 by their start date, or qualify for a legally-required medical or religious accommodation to this vaccination requirement, as a condition of employment. Hired candidates who do not demonstrate that they are fully vaccinated against COVID-19 by their start date, and who have not been approved for a legally-required medical or religious accommodation will no longer meet the requirements for employment and their offers of employment will be immediately rescinded, in accordance with applicable law.
