American Family Insurance
Full Time

We are sorry, but this job listing has expired.

At American Family Insurance, we're driven by our customers and employees. That's why we provide more than just a job - we provide opportunity. Whether you're already part of our team in search of a new challenge or new to our company and ready for what's next, you're in the right place. Every dream is a journey that starts with a single step. Start your journey right here. Join our team. Bring your dreams.

Quick Stats:Job ID: R10333 Cloud Security Senior Engineer (AWS) - Open to Remote (Open)Summary:The Cyber Security Sr. Engineer supports the secure design, development, and implementation of cyber security technologies, safeguards, capabilities, and applications according to reasonable and appropriate security standards and practices. Considers business need, consumers, infrastructure, applications environments and web services from a security perspective and offers balanced recommendations that serve business needs while reducing unwanted risk.
Strongly prefer candidates who have:
  • Experience with Amazon Web Services (AWS)
  • Experience with Amazon security controls (GuardDuty, CloudTrail, CloudWatch, IAM, Macie)
  • Experience with other cloud security controls for vulnerability scanning, configuration management, patch management, security logging.
  • Offer to selected candidate will be made contingent on the results of applicable background checks
  • Offer to selected candidate in contingent on signing a non-disclosure agreement for proprietary information, trade secrets, and inventions
  • Our policy restricts consideration of applicants needing employment sponsorship (visas) to specialty occupations. Sponsorship will not be considered for this position
  • Relocation assistance is availableResponsibilities:

    Specialized Knowledge and Skills Requirements
  • Demonstrated experience providing customer-driven solutions, support or service
  • Demonstrated experience leading project teams.
  • Demonstrated experience performing system and application vulnerability assessments.
  • Demonstrated experience programming and scripting for automation or integration.
  • Demonstrated experience with application design reviews and threat modeling.
  • Solid knowledge and understanding of operating systems including MS Windows, IOS, UNIX, and Linux.
  • Solid knowledge and understanding of web application security.
  • Solid knowledge and understanding of security threats, techniques, and landscape.
  • Solid knowledge and understanding of threat and vulnerability management.
  • Solid knowledge and understanding of database, network, server, and remote connectivity security.
Travel Requirements
  • This position requires travel up to 15% of the time.
Working Conditions
  • Ability to participate in 24x7 off hour/on call on a rotating basis.
Additional Job Information:
Job Description:

Primary Accountabilities

Security Solutions
  • Evaluates the impact new or updated systems have on the security infrastructure.
  • Validates controls are functioning as intended.
  • Collaborates with other areas of the company to understand needs, evaluate risks, educate, and offer recommendations.
  • Works closely with development teams to encourage security-compatible designs during entire software development lifecycle.
  • Manages enterprise security technologies and vendor relationships.
  • Leads the implementation, administration, and support of enterprise security solutions and tools. Configures solutions and tools to meet needs.
  • Leads the implementation, administration and support of enterprise security solutions that allow for mobility.
  • Participates as a subject matter expert on security matters in company projects.
Threat and Vulnerability Management
  • Conducts threat research. Keeps up-to-date on potential threats and source of threats.
  • May be asked to respond to threats, vulnerability, and breach & Incident Response processes to prevent, detect, respond to and recover from security incidents.
  • Prepares reports for management and consults with application development and infrastructure teams.
  • Performs assessments through penetration testing and ethical hacking.
  • Analyzes security risks and recommends mitigating and compensating security controls.
  • Executes the security event correlation and management process.
  • Researches and keeps abreast of testing tools, techniques, and process improvements in support of security detection and analysis.
  • Manages and supports the resolution of higher profile and complex incidents and work assignments. Follows the appropriate procedure for the type of incident. Coordinates with Security Compliance for disclosures and notifications.
  • Leads and participates as required in root cause analysis and restoration of operational services to respond to computer security incidents or intrusions.
  • Conducts security reviews. Looks for weaknesses in system design, implementation, or operation that could be exploited. Ensures the right checks and balances are in place.
  • Monitors intrusion attempts. Differentiates false positives from true attempts.
  • Monitors digital channels for security threats. Keeps up to date on potential threats and source of threats.
  • Researches and keeps abreast of security tool operation, techniques, and process improvements in support of security detection and analysis.
  • Provides support for escalated issues.
  • Conducts code reviews. Looks for weaknesses in source code.
Project Security Consulting
  • Represent Information Security on department and company projects
  • Provide recommendations related to risk mitigations
  • Communicate risks to project sponsors
  • Supply project deliverables as appropriate
Stay connected: Join our Talent Community!