Information Security Engineer

Company Description

Fortegra is a global specialty insurer based out of Jacksonville that offers a diverse set of admitted and surplus insurance products and warranty solutions. For more than 45 years, we have delivered risk management solutions that help people and businesses succeed in the face of uncertainty. We seek to provide exciting opportunities, room for growth, and the ability to thrive in a workplace that is both challenging and rewarding. We foster a corporate culture that values the diversity of both individuals and ideas. Fortegra is proud to be Certified™ by Great Place to Work®. The prestigious award is based entirely on what current employees say about their experience working at Fortegra. For more information on Fortegra follow us on our LinkedIn .

Job Description

Responsible for ensuring the security, availability and integrity of data, data systems, and networks across the entire organization.  This role will be responsible for day-to-day operations of the in-place security solutions along with the identification, investigation and resolution of security breaches detected by those systems.

Information Security and Compliance

• Work closely with the network infrastructure team to continuously improve processes and technologies to prevent and detect malicious software in the environment.
• Lead the efforts in vulnerability remediation across all technology assets.
• Monitor all in-place security solutions for efficient and appropriate operations.
• Participate in the design and execution of vulnerability assessments, penetration tests and security audits.
• Conduct annual risk assessments and business impact analyses to identify vulnerable areas within the company’s critical functions.
• Conduct and participate in annual security tabletop and incident management exercises.
• Lead investigations into unmitigated security incidents that are escalated beyond tier 1 support.
• Prepare and respond to IT audits/risk assessments with internal and external agencies as required.
• Work closely with the Director of Software Development to enforce secure coding practices and conduct annual OWASP training with software development associates.
• Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
• Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.).
• Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
• Assist in the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.

The above cited duties and responsibilities describe the general nature and level of work performed by people assigned to the job.  They are not intended to be an exhaustive list of all the duties and responsibilities that an incumbent may be expected or asked to perform.

Qualifications

• Bachelor’s degree in computer science or a related technology field with 4+ years of experience in an IT security capacity
• Security+ and/or Certified Information Systems Security Professional (CISSP) preferred.
• Knowledge and understanding of cybersecurity frameworks.
• Experience with server configuration, patch deployment and vulnerability remediation across various platforms.
• Experience in planning, organizing, and developing IT security system technologies.
• Incident response and remediation experience
• In-depth experience with network security devices such as firewalls, IDS/IPS, web application firewalls, Vulnerability Management and SIEM tools
• Excellent knowledge of technology environments, including information security, physical security, and defense solutions.
• In-depth knowledge of applicable laws and regulations as they relate to security and compliance
• In-depth knowledge of all types of disasters, natural or otherwise, and their effect on company technologies.
• Working technical knowledge of IT systems software, hardware, protocols, and standards.
• Knowledge of applicable practices and laws relating to data privacy and protection preferred.
• Periodic on-call support
• Other duties as assigned.

Additional Information

Full benefit package including medical, dental, life, company paid short/long term disability, 401(k), educational assistance and more.

Find us on Facebook at facebook.com/Fortegra