Permanent General Companies, Inc.
IT Security Engineer
At a glance
Location: US-TN-Nashville Map
Posted: 11/02/2019
Closing: 12/01/2019
Degree: Not Specified
Type: Full-Time
Experience: Not Specified
Permanent General Companies, Inc.
Job description
Overview

The General is seeking an IT Security Engineer to join our company. 

Who We Are

We are one of the fastest growing and most exciting companies in the insurance industry to work for today. We’re proud to say we’ve been in the insurance business for over 50 years.

Because of our rapid rate of expansion, we’re looking for the best talent to help The General® bring quality insurance to people across the country. Ask any of our employees and they’ll tell you that life at The General® is a challenging, fast-paced, exciting experience that offers a competitive total rewards package, healthy work/life balance and an exciting working environment.

You’ll gain crucial insights from your potential coworkers who bring different backgrounds and professional experiences to The General®. You’ll also find there are plenty of opportunities for advancement if, you’ve got the ambition. The work culture at The General® is one that celebrates diversity, team spirit, and good old-fashioned hard work.

Responsibilities

What You'll Do

As the IT Security Engineer you will be responsible for technical control implementation for IT security at the company. You will provide an advanced level of security support for the company. You will follow threat management, vulnerability management, and breach management processes to prevent, detect, respond to and recover from security incidents. You will provide subject matter expertise with regard to applicable regulations within IT areas. You will partner with members of the IT staff of the company IS security to address incidents, evaluate tools and services, monitor the network, share ideas, and ensure the enterprise is secure.

  • Evaluate, recommend, engineer, implement, administer, and support enterprise security solutions and tools with assistance from the infrastructure team.
  • Work with development teams to embed security during entire software development lifecycle.
  • Ensure IT security processes and procedures are properly followed and work with internal audit to verify that the policies and procedures are being adhered to.
  • Implement new technologies and security solutions in alignment with best practices and commonly accepted principles of secure design.
  • Assess the potential business impact and likelihood of threats and risks to the organization’s information infrastructure before events occur and work to implement solutions for corrections.
  • Monitor intrusion attempts and differentiate false positives from true attempts.
  • Research and keep abreast of testing tools, techniques, and process improvements in support of security detection and analysis.
  • Conduct system security reviews. Look for weaknesses in system design, implementation, or operation that could be exploited. Ensure the right checks and balances are in place.
  • Utilize various tools to monitor source code and infrastructure components.
  • Participate on IT/company incident response team as needed to minimize the impact of a security attack.
  • Assist in implementation of an IT security awareness program that ensures all associates are aware of their security responsibilities.
  • Assist in development and updating of the IT security roadmap.
  • Keep abreast of trends in the insurance industry and in IT security through training, attendance at conferences and trade publication reading. Incorporate those practices into the company as appropriate.
  • Provide after-hours on-call support and planned maintenance activities as scheduled.
Job requirements

Who You Are

You are an IT Security subject matter expert. You have proven communication, controls and risk assessment skills. You are accountable, results driven, and customer service oriented. You are a logical and systematic problem solver. You have a strong knowledge and understanding of UNIX, Linux and Microsoft Office applications. You also have a solid understanding of Payment Card Industry (PCI) and Model Audit Rule (MAR) or Sarbanes Oxley (SOX) compliance requirements.

You have experience utilizing vulnerability scanning software. You have experience with firewalls, associated rule sets and logs. You have experience with file integrity monitory software. You also have experience with secure remote access and dedicated VPNs.

You bring an Associate’s Degree or higher education in Information Systems or a related field with CISSP or other security certifications preferred (OSCP, CEH, GIAC, CESG, CHECK). You bring 2+ years of IT security experience with 4+ years of tier 3 IT experience. You are qualified to perform PCI vulnerability scans.

IT Security Engineer