Senior Information Security Engineer
The Hanover’s Information Security team is looking to bring on a Senior Information Security Engineer to join us in Worcester, MA or Glastonbury, CT offices.
This Engineer will provide subject matter expertise and guidance on complex projects/initiatives. They will be responsible for building, maintaining, and improving the organization’s threat detection and response capabilities. This Engineer will collaborate within the InfoSec team and across partner business units to improve our cyber security posture.
This is a Full-time, Exempt role.
A successful Senior Cyber Security Engineer is a strong communicator and relationship builder, who uses soft-skills to persuade stakeholders to: achieve consensus, obtain commitment, and take action. Senior engineers are expected to directly mentor less experienced engineers and technicians, while consistently demonstrating behaviors aligned with our core values.
- Researches, designs, and integrates information security solutions and controls across the enterprise in a way that is transparent to end users, supports executive strategies, and fundamentally ensures the security of the information The Hanover is entrusted to protect
- Directs and enhances organizational initiatives by positively influencing and supporting change management and/or departmental/enterprise initiatives within assigned area(s) of responsibility.
- Assesses operational business processes to ensure security is appropriately integrated.
- Responds to metrics for incremental improvements in control design
- Assess and plans changes with high regard to change management rigor
- Assesses potential risks with new applications and products and provide security requirements and recommendations for risk mitigation to help the business succeed with their projects.
- Consults as security subject matter expert with networking, architecture, developers, and others on solutions to security problems.
- Directly engages in advanced troubleshooting and delivery with stakeholders, including end-users.
- Provides information security engineering support across organization –including off-hours support and on-call rotations as appropriate.
- Ensures reports and findings are delivered in a timely and appropriate manner to management, operations and executive leadership.
- Recommends new security policy, standards, best practices, and system configuration standards. Consults with internal clients on security topics and policy interpretation.
- Identifies higher risk areas of the infrastructure for assessment.
- Coordinates activities across multiple departments and business units.
- Maintains knowledge on current and emerging developments/trends for assigned area(s) of responsibility, assesses the impact, and collaborates with senior management to incorporate new trends and developments in current and future solutions.
- Identifies and directs the implementation of process improvements that significantly improve quality across the team, department and/or business unit for his/her assigned area(s) of responsibility.
- Provides subject matter expertise to team members and applicable internal/external stakeholders on complex assignments/projects for assigned area(s) of responsibility.
- Provides direction on complex assignments, projects, and/or initiatives to build and enhance the capability of assigned area(s) of responsibility.
- Creates, scripts, and maintains mission critical correlation searches and alerts leveraging diverse log sources and types
- Provides subject matter expertise in security logging and alerting best practices to detect and prevent security incidents.
- Optimizes alerting and response techniques utilizing complex and/or cutting-edge machine learning, automation, and orchestration techniques.
- Provides subject matter expertise for alerting and analyzing security events within the Security Operations Center to prevent and address security incidents.
- Monitors and provides assurance of the overall health and effectiveness of prevention, detection, and response capabilities.
- Contributes to building and improving cybersecurity procedures
- Collaborates with cybersecurity engineering and cyber threat intelligence teams to implement and tune security tools used by InfoSec operations.
- Provides training and mentoring to information security team members.
- 5+ years of IT Security experience, in areas such as security operations, incident analysis, incident handling, and vulnerability management or testing, log analysis, intrusion detection that directly relates to the responsibilities of this position. (required)
- 4-year/Bachelor's degree or equivalent work experience (4 years of experience in lieu of Bachelor's) (Minimum Required)
- Hands-on experience with a variety of cyber security tools
- Hands-on experience in a Windows / Linux environment
- Must have excellent trouble-shooting and problem-solving skills
- Demonstrated understanding of Security Fundamentals, General IT knowledge, Network Systems, Firewalls, IDS/IPS Systems, Windows & Linux Systems Administration, SEIM technologies, Windows/Linux and MAC operating systems, Desktop Engineering, Cloud Technologies, Mobile and Databases
- Demonstrated experience with scripting languages such as PowerShell, Perl, and Python
- At least one security certification
Personal and Professional Competencies:
- Ability and commitment to communicate effectively, consistently chooses communication methods to ensure critical information reaches and persuades intended audience
- Strong team player. Uses strong interpersonal skills to build partnerships with stakeholders and peers
- Possesses leadership qualities
- Persuades stakeholders to achieve positive outcomes
- Demonstrates a strong sense of accountability (ownership and commitment) toward leading peers and stakeholders on critical projects and tasks; making, meeting and communicating progress.
“The Hanover values diversity in the workplace and among our customers. The company provides equal opportunity for employment and promotion to all qualified employees and applicants on the basis of experience, training, education, and ability to do the available work without regard to race, religion, color, age, sex/gender, sexual orientation, national origin, gender identity, disability, marital status, veteran status, genetic information, ancestry or any other status protected by law.
Furthermore, The Hanover Insurance Group is committed to providing an equal opportunity workplace that is free of discrimination and harassment based on national origin, race, color, religion, gender, ancestry, age, sexual orientation, gender identity, disability, marital status, veteran status, genetic information or any other status protected by law.”
As an equal opportunity employer, Hanover does not discriminate against qualified individuals with disabilities. If you require a reasonable accommodation, as a candidate for employment, please inform The Hanover Talent Acquisition office.
Applicants who are California residents: To see the types of information we may collect from applicants and employees and how we use it, please click here.
- Job Function Information Technology
- Pay Type Salary
- Travel Required No
- Required Education Bachelor’s Degree
- Glastonbury, CT, USA
- Worcester, MA, USA