Information Security Engineer- US Remote

United States - Remote

Guidewire Software logo
Guidewire Software
Apply now Apply later

Posted 2 weeks ago

The Information Security Engineer will be responsible for implementing, configuring and administering the security tools, controls and solutions in AWS public cloud or co-locational data centers, as part of Guidewire’s layered defense-in-depth infrastructure security. The role will report to the Director of Security Operations and is part of the Guidewire’s global Information Security group. The selected candidate needs to demonstrate subject matter expertise in one or more of the following areas: ESSENTIAL DUTIES AND RESPONSIBILITES ·        Deploy, configure and manage infrastructure security products, tools and solutions to help augment security threat monitoring, detection, prevention and compliance as part of Guidewire’s cloud security architecture ·        Work with Cloud Operations, IT and product teams to perform POCs and track deployments for initiatives and/or changes in the Guidewire’s public cloud environment  ·        Responsible for the vulnerability management program that includes periodic scanning, reporting, and tracking remediation of the security vulnerabilities discovered in AWS and data center assets ·        Develop and enforce cloud security standards in AWS including IAM policies, security groups, S3 bucket policies, encryption, network security, cloud work load and container security, logging, monitoring etc.·        Respond to and perform initial investigation and triaging of alerts from security tools and products like SIEM, IDS/IPS, EDR, Email Security etc.·        Willingness to be on call and serve as the point of contact for information security alerts and incidents  REQUIREMENTS ·        3+ years of previous experience working in security operations, administration, threat and vulnerability management – experience with automation and familiarity with “Infrastructure as Code” in the public cloud required ·        Minimum 2 years of experience deploying, testing and configuring multiple security technologies including IDS/IPS, SIEM, Next Gen Firewalls, Email Security, WAFs, Endpoint Detection and Response tools, Vulnerability Scanners, AWS Cloud Security platform tools ·        Thorough knowledge of the TCP / IP protocol suite, securing and hardening Operating Systems, Networks, Databases and Web Applications Information  ·        Hands on experience in running vulnerability scans, analyzing and tracking vulnerabilities with asset owners for timely remediation ·        2 years of hands-on experience with a public Cloud platform (AWS, Azure, GCP) with excellent understanding/working knowledge of IaaS platforms and services (i.e. VPC, EC2, S3, RDS, Lambda, AWS WAF, CloudFront, ECS, Flow Logs etc.)  ·        Experience developing and maintaining hardening and configuration standards and procedures ·        Security certifications like CISSP, GSEC, CEH, AWS certification etc. are highly desired ·        Familiarity with industry common information technology control frameworks, particularly SOC1/2, Cloud Security Alliance, and ISO 27001/2. ·        Excellent verbal and written communication skills and ability to document and explain technical details, standards and reports clearly and concisely B.S. degree in Computer Science or related field or equivalent combination of professional development training and experienceAbout Guidewire
Guidewire is the platform P&C insurers trust to engage, innovate, and grow efficiently.
Guidewire combines core, data, digital, analytics, and AI to deliver our platform as a cloud service. 380 insurers, including the largest and most complex in the world, run on Guidewire.
As a partner to our customers, we continually evolve to enable their success. We are proud of our unparalleled implementation track record with 700+ successful projects, supported by the largest R&D team and partner ecosystem in the industry. Our marketplace provides hundreds of add-ons that accelerate integration, localization, and innovation.
Job tags: AI Analytics Architecture Automation AWS Azure C CEH CISSP CloudFront Encryption IaaS IDS IPS ISO 27001 Lambda Network security POCs S3 SIEM Vulnerabilities Vulnerability management