IS Security Engineer

Pinnacol Assurance does just one thing, and does it better than anyone: provide caring workers’ compensation protection to Colorado employers and employees. And while we may be a little biased, we believe that our work shapes communities and changes lives.

We have big hearts and love big ideas. We’ve been around for more than  100 years, but don’t let that fool you. Pinnacol is committed to taking care of Colorado employers and workers in the most innovative ways. We celebrate continuous improvement, new ideas, compassion, teamwork, integrity and excellence.

With our number one priority to keep everyone safe, along with the heart of Pinnacol’s “culture of caring” to do what is right and not what is easy, we’re currently having our team members work from home. But we’re still making time for fun with virtual events like virtual painting classes, virtual yoga and Zumba classes, and virtual happy hours!

What you’ll do:

Serve as a Cybersecurity subject matter expert for the organization. Ensure the secure operation of Company’s computer systems, servers, and network connections.

What you can expect:

• Work as part of a team to implement a security framework resulting in a layered defense-in-depth cybersecurity posture for the organization
• Implement systems and controls that monitor and detect unauthorized devices and software
• Implement systems and controls ensuring secure configurations for hardware and software on mobile devices, workstations and servers
• Implement perimeter defenses implicitly denying connections and permitting access based on principle of least privilege
• Implement and maintain continuous vulnerability assessment and remediation systems
• Implement systems and policies that limit access and protect data based on principle of least privilege
• Implement logging systems capable of monitoring and alerting for anomalous or suspect activities and potential breaches
• Implement and support systems for Identity and Access Management resulting in streamlined provisioning, changes and de-provisioning of users
• Respond to cybersecurity incidents and breaches by tracking activities, implementing countermeasures and resolving issues in a timely and accurate manner
• Conduct penetration testing and red team exercises that test the organizations perimeter and employee response to external attackers
• Develop standard work and metrics that result in dashboards measuring the state of cybersecurity program
• Working knowledge of public cloud platforms (AWS, Azure and/or IBM or GCP) Cloud platforms
• Cloud Security Posture Management (CSPM) knowledge
• Maintain system and process documentation
• Track work product using ticketing systems
• Serve as an organization cybersecurity subject matter expert for various projects, training and assessments as needed
• Perform other duties as assigned

What you need to be successful:

Bachelor’s Degree strongly preferred. Relevant work experience (similar kind of work at a similar level of work as described in the essential duties) may be substituted for the bachelor's degree. Completion of a degree is encouraged and supported. Two years cyber security experience coupled with five years system, network or development experience required. Must have experience in an incident-driven environment. Solid understanding of security architecture for multiple operating systems, including Windows, Unix and Linux preferred. IT forensics experience preferred. One or more of the following certification preferred:

• CompTIA: CASP
• SANS: GCIH, GCWN, GISF, GISP, GSSP, GICSP, GSSP, GSEC and GCFA 
• Carnegie Mellon: SEI
• ISC2: CCSP, CISSP, CSSLP, SSCP
• Cisco: CCNP, CCNP Security, CCIE Security
• EC_Council: CEH, ECSP
• Microsoft: MCSE (Server), Azure Administrator Associate, Cybersecurity Architect Expert, Azure Solutions Architect Expert o Red Hat: RHCA, RHCE
• Splunk: Certified Splunk Architect & Splunk Certified Administrator

We can’t do our work without people like you.
Our employees are extraordinary and committed to making a difference. Here’s some of the ways we show our appreciation.

• Our benefits go beyond the basics. You’ll get to choose from diverse benefit offerings for medical, dental and vision.
• We care about each other. We enjoy a positive, collaborative work environment. We are hard workers and high performers.
• We love who you are. Pinnacol is on a journey to embody diversity, equity and inclusion. We’re committed to creating a culture that deeply values differences, where everyone feels like they belong.
• Take a day (or 20!) off. Enjoy 20 paid days off your first full year plus 9 paid holidays.
• Take care of yourself. Sign up for unique wellness programs, including on-site, company-paid fitness facilities and classes
• Get your learning on. We promote a learning culture to help you master your current job and cultivate the skills of the future through a variety of on-site, online, and off-site professional development opportunities.
• Give back and get paid. Through our employee volunteer program, Pinnacol in Action, employees receive paid time off to volunteer with Colorado nonprofits.
• Share in our success. You’ll have the opportunity to earn a quarterly incentive, up to 20 percent of your annual base salary, when your team exceeds their goals and objectives.

When we find the right person, we try to put our best foot forward with an offer that excites you. We consider what you’d like to be paid, the skills and experience you bring, what similar jobs pay in the Denver area and make sure there’s equal pay for equal work among those you’ll be working with. The compensation amount for this role is targeted at $118,500-$124,100. Final offer amounts are determined by multiple factors including your experience and expertise and may vary from the amounts listed above.

Want to love your work? Apply today!

Pinnacol is committed to working with and providing reasonable accommodations to applicants with disabilities. To request assistance with the application process, please email recruiting_team@pinnacol.com.