Information Security Engineer - Corporate

Ryan Specialty is looking for an Information Security Engineer to join our Chicago, IL team. We are a fast paced, energetic and rapidly growing organization that offers a great opportunity for someone interested in further developing their career. Ryan Specialty has been named one of America’s Most Loved Workplaces by Newsweek, and has been named 2023 Top Insurance Employer by Insurance Business America. 

 

Position Summary:

Ryan Specialty is looking for an Information Security Engineer to join our Chicago team. We are a fast paced, energetic and rapidly growing organization that offers a great opportunity for someone interested in further developing their career. The Information Security Engineer will play a critical role in safeguarding our organization’s digital assets and ensuring the confidentiality, integrity, and availability of our systems. You’ll collaborate with cross-functional teams to design, implement, and maintain robust security solutions. Your expertise in zero trust networking, cloud concepts, firewalls, and network security groups will be essential in protecting our infrastructure.

Essential Functions:

• Develop and implement security controls, policies, and procedures to protect our networks, systems, and data.
• Apply zero trust principles to network architecture, ensuring secure access and minimizing attack surfaces.
• Leverage your knowledge of cloud services and best practices to secure cloud-based applications and infrastructure.
• Collaborate with the network team to ensure secure configuration and management of firewalls and security groups to prevent unauthorized access and monitor traffic.
• Engage in regular security assessments, vulnerability scans, and penetration tests.
• Design and document best-practice security procedures, standards, and guidelines for other teams or business units.
• When needed, analyze traffic, investigate alerts, set policy and work with other teams to investigate and mitigate security events. 
• Work with managed services partner to continue to expand log ingestion, build additional alarms, and maintain infrastructure reliability and stability.
• Identify new cybersecurity risks and work with the team to develop mitigation plans.
• Assist in identifying and managing privileged access across the enterprise
• Assess and provide gap analysis of existing tools and controls to determine areas of increased risk and action those items through remediation.
• Participate and assist team through Tabletop exercises, documenting gaps and maintaining until resolution.
• Partner with other departments and business units to implement security solutions including project & change management.
• Advocate security awareness and teach secure behavior and methods.
• Perform technical risk assessments, triage security testing results and manage security response actions.
• Work closely with IT on the development of security metrics, assisting in compliance audits, and continuous security improvements.
• Assist in compliance activities such as external audits from customers, regulatory compliance projects, and overall information security reviews.

Education/Experience/Skills:

• Bachelor's degree in Computer Science/Engineering/Information Security or equivalent experience.  
• Minimum 2 years information security engineering experience.
• CISSP or comparable Information Security certification.
• Proficiency in zero trust networking principles.
• Understanding of cloud services and security features.
• Firewall management background, including overseeing the policy management, VPN controls, and traffic analysis processes. 
• Self-motivated and capable of managing tasks independently. 
• Strong written and oral communication skills.
• Experience working in a team-oriented, collaborative environment.

Disclaimer

Ryan Specialty is an Equal Opportunity Employer.We are committed to building, growing, and sustaining a diverse workforce that is reflective of society throughout the entirety of the organization and throughout the insurance industry.We aspire to cultivate a company that is both inclusive and equitable, where every employee is recognized and assessed based on their performance and contributions.We strive to harness our differences and commonalities to better serve our clients, trading partners, workforce, and communities.