Senior Cyber Security Engineer

Location: Hybrid Work Model – Van Wert, OH; Dublin, OH 

We are a team of employees who are passionate about delivering best-in-class customer service and innovation in the industry. We prioritize integrity, relationships, and excellence in all aspects of our work. 

Our employees can fully utilize their talents and bring their best selves to work. We believe who you are is just as important as what you do! 
 
Security and technology play a crucial role in our ability to deliver best-in-class insurance products. We’re seeking a curious person with a passion for security to join our IT Security & Compliance Team as a Senior Cyber Security Engineer. You would play a pivotal lead role in identity solutions for our employees, agents, and policyholders. Our mission is to produce a constantly optimized risk identification and mitigation cycle while supporting our critical technology solutions in which identity is a core fundamental component. We do this through threat modeling, strategic prioritization, and data-driven decision-making from security analytics. 

How You’ll Make an Impact 

• Develop and coordinate IAM (Identity and Access Management) and PAM (Privileged Access Management) strategies to ensure secure access to systems and data
• Design, configure, and manage IAM and PAM solutions, including user provisioning, access controls, authentication, and authorizations
• Collaborate with other IT teams who will integrate with IAM and PAM solutions, including Single Sign On (SSO) federation with existing applications and systems
• Develop and execute security controls, defense, and countermeasures to prevent attacks that utilize weaknesses in user access controls
• Maintain and enforce robust password policies, ensuring compliance with best practices and regulatory requirements
• Monitor and respond to security events related to authentication triggers, including investigation and mitigation of potential threats
• Coordinate the user access review and privileged access review process to identify any discrepancies or unauthorized access and remediate those findings in accordance with regulatory requirements
• Perform root cause analysis, conduct threat analysis, determine an action plan to remediate any risks identified, and provide recommendation to remedy issues to director
• Design and conduct threat modeling and penetration testing for exploitable weaknesses related to identity within Central’s infrastructure
• Provide expertise for data security related to identity concepts in areas such as encryption protocols, DLP solutions, data masking, or data anonymization techniques
• Lead collaboration and provide advice for identity-related initiatives with functional areas within Information Technology as well as key stakeholders throughout the organization in collaboration with IT partners 

What You’ll Bring 

• Bachelor's degree in computer science and four years of cybersecurity experience
• Or six years of cybersecurity experience 

Preferred 

• Creativity and passion for cyber security
• Curious mind and strong desire to constantly learn
• Proven researcher and experience staying up to date on cyber security trends
• Top-notch communication skills and ability to clearly explain security risks and persuade any audience
• Ability to weigh risks, calculate the costs on a course of action, and propose the optimal path toward mitigation
• Capable of designing and enhancing security KPI metrics to prioritize activities
• Expert and wide-ranging knowledge of security concepts within NIST Cyber Security Framework
• Adept skill and proven experience in utilizing IAM and PAM solutions
• Proven expertise in protecting service accounts and non-human accounts
• Expert knowledge of the risk assessment methodology
• Expert knowledge of identity and access management concepts
• Strong in-depth knowledge of user provisioning and access controls workflows and capable of utilizing KPI metrics to design change and continuously improve
• Advanced knowledge in cyber risk assessment, cyber risk management, threat modeling, and penetration testing concepts
• Proven experience with security implementations of encryption, data security, SIEM, file transfer protocols, and cloud services
• History of providing sound technical advice during tabletop exercises at the IT or Corporate level
• Ability to understand Central Insurance’s policies and processes