Senior AWS Information Security Engineer

92128, San Diego

 

ICW Group is one of the leading providers of Workers' Compensation insurance in the country. ICW Group is headquartered in San Diego and is supported by our regional offices located throughout the United States.

ICW group is hiring a Senior AWS Information Security Engineer to design secure architectures and develop cybersecurity approaches and techniques to evaluate the security of a system or network. Strong experience in AWS Cloud Security services preferred. Top candidates will have successfully designed security for AWS integration.

  • 3+ years of experience in AWS Cloud Security services preferred.
  • 8+ years of experience working in a security engineering related role
  • Certification in CISSP preferred.
  • AWS Certified Security – Specialty, preferred

ESSENTIAL DUTIES AND RESPONSIBILITIES

Monitors and defends information systems against unauthorized access, modifications and/or destruction.

  • Leads and participates in security architecture controls reporting, compliance audits, monthly and ad-hoc statistics and trends, and risk-focused reports including internal and 3rd party Risk Assessments.
  • Monitors networks and systems for security breaches, using software that detects intrusions and anomalous system behavior and develops strategies to respond to and recover from a security breach.
  • Leads security incident response, including preparation, detection, analysis, containment, eradication, and recovery.

Leads and runs complex security related projects and resolves security related issues.

  • Resolves complex security projects and issues. Develops a set of security standards to respond to and recover from a security breach.
  • Provides support by proposing solutions, coordinating implementation, and enforcing information systems security policies, standards, and methodologies.
  • Uses advanced technologies including Intrusion Detection & Prevention Systems (IDS/IPS), Firewalls, SIEM, Antivirus, Network Packet Analyzers, Malware analysis and forensics tools to detect intrusions, breaches in compliance, etc.
  • Prepares and analyses system security reports by collecting, analyzing, and summarizing data and trends and makes recommendations to improve security.
  • Maintains operational security posture for an information system or program to ensure information system security policies, standards, and procedures are established and followed.
  • Creates and updates technical security standards for assets and software.

Serves as cyber security technical subject matter expert and trainer and primary resource for the organization.

  • Provides information security expertise to system development teams throughout the life cycle process.
  • Partners with systems engineering teams to ensure system design and implementation are consistent with company policies, requirements, and directives.
  • Leads and conducts information security risk assessments including documenting processes, service level agreements and best practices.
  • Develops the overall security design, development, testing and implementation of security solutions. Recommends compliance strategies that support customer requirements and alignment to company policy.

Partners with project management and other internal teams in determining overall security solutions.

  • Executes technical and process changes required to adopt, maintain, and adjust InfoSec controls as required to manage the company's risks and align with industry best practices.
  • Works with peers in other internal groups to drive technical security risk down in targeted areas.
  • Takes end-to-end ownership of one or more security tools and metrics, driving risk down actively across the company.

EDUCATION AND EXPERIENCE

  • Minimum 3-5 years of experience in AWS Cloud Security services preferred. Direct experience using advanced technologies such as Intrusion Detection & Prevention Systems (IDS/IPS), Firewalls, SIEM, Antivirus software, Network Packet Analyzers, content filtering, Malware analysis and forensics tools to detect intrusions.
  • Experience with AWS Services such as AWS Identity & Access Management, AWS Organizations, AWS Security HuB, Guard Duty, CloudTrail, AWS CloudTrail.
  • Bachelor's Degree from four-year college or university required with major or emphasis Engineering, Cybersecurity, Networking, or Computer Science related discipline.
  • Minimum 8 years of experience working in a security engineering related role designing secure networks, systems and application architectures or equivalent combination of education and experience required.
  • Experience in cyber security role requiring knowledge of data analysis, risk assessment, risk mitigation, investigation methods, incident management concepts and practices, and policy and procedure development.

CERTIFICATES, LICENSES, REGISTRATIONS

  • Certification in CISSP preferred.
  • AWS Certified Security – Specialty, preferred