Cyber Security Engineer

Description

We are Hiring!

Cyber Security Engineer

Location: Edina, MN

Why choose Palomar?

Palomar is a rapidly growing and innovative insurer focused on providing specialty insurance to residential and commercial customers. Palomar welcomes self-motivated individuals to our thriving company. Guided by an entrepreneurial spirit, Palomar is building a dynamic and diverse team.

Join a company built on a culture of agility, innovation and authenticity that delivers peace of mind and protection to individuals and businesses impacted by adversity.

Want to learn more about our exciting journey? Go to plmr.com to learn more. Investor Relations - Palomar Holdings, Inc. (palomarspecialty.com)

The Details:

We are seeking a Cybersecurity Engineer who will be reporting to the Cybersecurity Manager. The ideal candidate for this position is someone with 4-5 years’ experience working as a cybersecurity professional. This position will work within the TECH Engineering team working to implement security strategies, solutions and incident response. The ideal candidate will provide strategic guidance and hands on implementation of best practices security solutions.

What will you do? (Job Duties)

• Serve as a security subject matter expert in a consultative capacity with the infrastructure teams by conducting security reviews/remediation at various stages of the systems and capability deployments.
• Manage and respond to Third Party Risk Management (TPRM) requests and assessments.
• Incident response and remediation efforts as tier 1 response.
• Penetration Testing, Internal, External and Web application.
• Cyber forensics and post incident response.
• Perform threat modeling, architecture reviews, and ensure critical vulnerabilities are identified, communicated to team members, and drive delivery of mitigations.
• Manage security policy and control lifecycle across publication, enforcement, update, and audit.
• Research and recommend changes to procedures and systems to enhance systems and data security.
• Develop and deliver security awareness to the company.
• Research emerging technologies and maintain awareness of current security risks in support of security enhancement and development efforts.
• Coordinate around, participate in, and manage information security projects and infrastructure projects
• Develop and implement tools to test, monitor, and enforce security policy; including metrics to understand policy effectiveness.
• Be proactive, accountable, autonomous, and solutions oriented.
• Automate security processes to reduce as much manual work as possible.
• Maintains SIEM and administers security policies to control access to systems.
• Monitor, triage, and response to SIEM alerts.
• Monitor, triage, and response to Service Desk alerts.
• Member of the Incident Response Team, manager incident investigations, triage, forensics, response, communications, remediation efforts.
• Perform technical analysis of complex software, systems, hardware, and network environments
• Execute security controls to prevent hackers from infiltrating company information or jeopardizing programs.
• Research attempted efforts to compromise security protocol and recommends solutions.
• Research the latest in information technology security trends to keep up to date with the subject and use the latest technology to protect information.
• Conduct frequent testing of simulated cyber-attacks to look for vulnerabilities in the computer systems and take care of these before an outside cyber-attack.
• Phishing
• Threat Hunting
• Tabletops
  
  

Requirements

What we are looking for: (Experience)

• BS degree in Cybersecurity, Computer Science, Information Systems, Engineering, or relevant experience
• 4+ years relevant experience in Cybersecurity and/or Information Technology.
• 3+ years of experience in some combination of cloud security, infrastructure security, penetration testing, firewall management, network security, security tools, architecture review.
• Solid grounding in information security fundamentals, host and network security hardening and requirements; networking protocols; common intrusion techniques; and common risk management concepts.
• Knowledge of OWASP, ITIL, SANS Top 20 Critical Security Controls and NIST Framework and Vulnerability Database (CVE & CCE)
• Demonstrated a high degree of attention to detail and accuracy.
• Deep understanding of Information Technology security solutions.
• Experience in finance or insurance industry a plus
• Able to work on-site 3-4x/week
• Experience with:
• Third Party Risk Assessments / Vendor Risk Assessments
• Penetration testing
• Incident Response and Cyber forensics
• Integrating security into SDLC including static analysis, dependency scanning, dynamic testing.
• Performing technical analysis of complex software, systems, hardware, and network environments.
• Using web application vulnerability scanning tools and with manual web application testing
• CISSP, Microsoft, Mac or other security certifications.
• Securing cloud IAAS and PAAS environments (Azure, Google Cloud, AWS)
• Experience with various Identity Management capabilities.
• Understanding of the following tools: SIEM, Virtual Machines, Microsoft Products, Next Gen AV, MDR/EDR, Vulnerability Scanners, Application Whitelisting/Blacklisting, MDM, Ticketing Systems, Data Security and Posture Management (DPSM), API Security.
• Establishing and utilizing measurements, processes, and metrics to manage support activities.
• Cybersecurity standards/organizations (such as SOX, SOC2, ITIL, NIST, COBIT, ISO, PCI)
• PowerShell, python or Perl development and automation capabilities.
• Log collection and storage.
• HIDS, HIPS, NIDS, NIPS solutions.
• Network monitoring tools to monitor attacks/threats and doing the initial triage of findings.
  
  

We love people who want to:

• Build strong relationships through transparency, trust, and respect for each other.
• Work in an agile environment, with a resilient mindset to find creative solutions to challenges.
• Collaborate and celebrate diverse perspectives, promoting inclusivity and equality.
• Do the right thing with strong conviction and integrity.
• Be bold and innovative to help make an impact.
• If you thrive in a dynamic environment, and like working with happy, authentic, talented people, you'll enjoy a career with Palomar!
  
  

Role Dependent Add On:

• Zoom in and out between strategic and tactical
• Demonstrable track record of working autonomously and driving progress
• Be intellectually curious, think creatively, and pragmatic
• Be hands on with their team and roll up their sleeves
• Lead with empathy and support personal and professional development
• Empower people to continue to grow and see a bigger picture
  
  

What will you get in return?

• Full Suite of Medical Benefits
• Long Term Financial Incentives: All team members receive company equity.
• 401k with 3.5% automatic fully vested Employer Contribution
• Competitive PTO + Holiday Program
• Hybrid Work Environment
• Work From Home Stipend
• Professional Development Assistance
• Career Exploration Opportunities
• Regular company-wide social events (even virtually!)
• To learn more visit us at www.plmr.com
  
  

Diversity at Palomar

At Palomar, we are committed to diversity, equality, and inclusion in all facets of the organization. We have built an open culture that celebrates the diversity of our workforce, while actively championing equality and inclusion practices that make us a company people want to work with and work for.

We believe that diversity, equality, and inclusion yield greater organizational creativity and productivity, which helps us serve our customers and partners more effectively. Delivering on our diversity commitment returns greater value to our shareholders and ultimately makes a positive impact to the communities in which we do business and to the people who live in them.

Accommodations:

Palomar will consider reasonable accommodations to ensure a qualified applicant with a disability (both visible and invisible) can be considered for the position. Palomar will also consider necessary modifications to the physical work environment, or to the way a job is usually performed, so an individual with a disability can perform the essential functions of the position. Additional accommodations will be considered that enable an employee with a disability to enjoy equal benefits and privileges of employment like those that are enjoyed by other employees without disabilities.

For more information about our company, visit us at www.plmr.com. Palomar is an Equal Opportunity Employer.

No phone calls or agency solicitation please

Pay Range: $95,000-$140,000

The above pay range is for all US-based roles based on function and level, benchmarked against companies of similar size and scope. To be compliant with local legislation as well as provide greater transparency to candidates, we disclose salary ranges on all job postings regardless of the desired job location. We also offer a competitive annual discretionary bonus program and the opportunity for annual long-term incentive stock grants. In addition, we offer a highly competitive benefits package. Final offer amounts are determined by multiple factors, including candidate experience and qualifications, and may vary from the amounts listed above.

CCPA Job Applicant:

#PalomarPride #Insurancejobs #hiring