Job Description
Job Title:
Security Operations Engineer - Vulnerability Management
Department:
Information Security
Reports To:
Sr. Security Operations Manager
Why Choose Acrisure?
In record time, Acrisure has become the fastest-growing insurance broker globally. A top 20 player a few years ago, we are now in the top 10 insurance broker globally, with ambitious plans to continue growing at pace. Beyond our growth, our dedication to client service, as fueled by our business model and culture, means that Acrisure’s opportunity is to be the most relevant and successful privately held insurance broker in the industry.
Our model is unique. Through a network of agency partners that provide local service with global reach, we work in service of two core objectives: create value and be a good partner.
Our culture is strong. We are a collaborative company of entrepreneurial, innovative, and talented people who believe in our future. We outthink and out work the competition. We look outside our walls and are energized by our fast-paced trajectory.
Our vision for the future is clear. We have limitless potential to achieve unprecedented success in the insurance industry. To achieve our opportunity, a best-in-class Information Security Team must support us.
This is an exciting opportunity to join this growing team and immediately impact on the company's overall success. If you are interested in collaborating with good people who celebrate entrepreneurialism and work with the commonality of purpose, Acrisure is the place for you.
Essential Duties and Responsibilities:
- Champion vulnerability assessments using scanning tools and techniques to identify potential security weaknesses in systems, networks, and applications.
- Research and stay appraised to new vulnerabilities and inform the greater teams of their potential impact.
- Analyze scan results and prioritize vulnerabilities based on their severity, potential impact, and exploitability.
- Coordinate and oversee the patching and remediation process, ensuring that security patches and updates are applied promptly to address identified vulnerabilities.
- Assess the overall security risk posture of the organization by considering the identified vulnerabilities and their potential impact on the business.
- Reporting: Generate and communicate detailed vulnerability reports to relevant stakeholders, including IT teams, management, and security personnel, highlighting the most critical issues.
- Partner with Datacenter and Support Teams to assess and remediate vulnerabilities.
- Take a metrics-driven approach to remediation and problem-solving.
This description is not meant to be all-inclusive and may be modified at the discretion of management.
Education and/or Experience:
- 3-5 years of experience in using vulnerability assessment tools such as Rapid7, Nessus, Qualys, OpenVAS, or similar is essential.
- Strong analytical skills are necessary to assess vulnerabilities' severity and potential impact.
- Effective communication is critical in this role, as you'll need to convey technical information to non-technical stakeholders, collaborate with various teams, and report on vulnerabilities clearly and concisely.
- Understanding network protocols, operating systems, and application architectures is vital for identifying and mitigating vulnerabilities effectively.
- Demonstrated track record of leading or coordinating major security projects.
- Ability to understand, interpret, and apply common security standards and frameworks such as NIST 800-53, CIS, SOX, and ISO-27001.
- Certifications like CySA+, PenTest+, CEH, or similar is a plus.
Other Qualifications:
- Able to work independently and enjoy a high degree of interaction with team members
- Ability to contribute to a collaborative environment by consistently demonstrating teamwork, high motivation, positive behavior, and effort to achieve goals and objectives
- Self-motivated and driven
- Maintain a sense of urgency and ability to work with and meet deadlines
- Demonstrate effective written and verbal communication, including the ability actively listen, and problem solve with minimal assistance
- Demonstrates excellent time management and prioritization skills
- Attention to detail and commitment to a high level of accuracy
- The ability to multitask, prioritize, work independently, and use discretion surrounding sensitive information
- Ability to maintain a professional demeanor and positive attitude
Physical Demands: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Moderate stress due to regular deadlines and daily challenges.
- High finger dexterity while typing documents and forms
- Occasionally lift up to 20lbs.
Work Environment: The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job, and reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Work is done in a temperature-controlled, non-smoking office.
- Workstations are cubicles with moderately high sides.
- The noise level in the work environment is usually moderate.
Together with our Agency Partners, Acrisure is reshaping the insurance industry. Be a part of that evolution and join the Acrisure community, either as part of our Home Office support teams or within one of our Agency Partners. Visit our website to see available job openings in insurance, accounting, account management, and more.
https://acrisure.com/about-acrisure/careers/
To Executive Search Firms & Staffing Agencies: Acrisure does not accept unsolicited resumes from any agencies that have not signed a mutual service agreement. All unsolicited resumes will be considered Acrisure’s property, and Acrisure will not be obligated to pay a referral fee. This includes resumes submitted directly to hiring managers without contacting Acrisure’s Human Resources Talent Department.
Acrisure is committed to employing a diverse workforce. All applicants will be considered for employment without attention to race, color, religion, age, sex, sexual orientation, gender identity, national origin, veteran, or disability status. California residents can learn more about our privacy practices for applicants by visiting the Acrisure California Applicant Privacy Policy available at
www.Acrisure.com/privacy/caapplicant
.To Executive Search Firms & Staffing Agencies: Acrisure does not accept unsolicited resumes from any agencies that have not signed a mutual service agreement. All unsolicited resumes will be considered Acrisure’s property, and Acrisure will not be obligated to pay a referral fee. This includes resumes submitted directly to Hiring Managers without contacting Acrisure’s Human Resources Talent Department.
Visit Original Source:
https://www.indeed.com/viewjob
