Our IT Security team is seeking an Information Security Engineer to join our growing team in a remote work arrangement or in our Worcester, MA office.

POSITION OVERVIEW:

She/He will provide subject matter expertise and guidance on complex projects/initiatives. She/He will be responsible for building, maintaining, and improving the organization’s threat detection and response capabilities.

She/He will collaborate within the InfoSec team and across partner business units to improve our cybersecurity posture. A successful engineer is a strong communicator and relationship builder, who uses soft skills to persuade stakeholders to: achieve consensus, obtain commitment, and take action.

IN THIS ROLE, YOU WILL:

• Builds, integrates, and supports information security solutions supporting executive strategies and ensuring the security of the information The Hanover is entrusted to protect.
• Contributes to organizational initiatives within assigned area(s) of responsibility.
• Collaborates with networking team, architects, developers, and others to ensure security.
• Directly engages in troubleshooting and delivery with stakeholders, including end-users.
• Provides information security engineering support across the organization –including off-hours support and on-call rotations as appropriate.
• Applies best practices for security logging and alerting to prevent and detect security incidents.
• Monitors and provides assurance of the overall health and effectiveness of prevention, detection, and response capabilities
• Operates and ensures integrity of certificate management
• Provides subject matter expertise for alerting and analyzing security events within the Security Operations Center to prevent and address security incidents
• Collaborates with cybersecurity engineering and cyber threat intelligence teams to implement and tune security tools used by InfoSec operations
• Enforces Technology Lifecycle Management for assigned technologies
• Responds to metrics for incremental improvements in control design
• Hands-on experience and support in at least 2 areas of security technology controls: application, network, system and data security technology controls
• Supports strict change regimen (Impacts of doing it/not doing it, Enumerated plan and backout, different eyes on checkout, reasonable windows, conflicts)
• Technology Accountability for engineering of security controls that are resilient, measured, documented, maintained, tuned and well understood by operations.
• Communications technical clarity & succinctness backed up by facts

WHAT YOU NEED TO APPLY:

• 3+ years of IT Security experience, in areas such as security operations, incident analysis, incident handling, and vulnerability
• 4-year/Bachelor's degree or equivalent work experience (4 years of experience in lieu of Bachelor's) (Minimum Required)
• management or testing, log analysis, intrusion detection that directly relates to the responsibilities of this position. (required)
• Hands-on experience with a variety of cybersecurity tools
• Hands-on experience in a Windows / Linux environment
• Hands-on experience with endpoint encryption, endpoint protection, anti-virus, security monitoring agents, vulnerability scanning, content analysis and filtering, data loss prevention.
• Demonstrated experience with scripting languages such as PowerShell, Perl, and Python
• Must have excellent trouble-shooting and problem-solving skills
• Demonstrated understanding of Security Fundamentals, General IT knowledge, Network Systems, Firewalls, IDS/IPS Systems, Windows & Linux Systems Administration, Windows/Linux and MAC operating systems, Desktop Engineering, Cloud Technologies, Databases, and Software Development
• Security certifications such as CISSP, CISM, CompTIA's Security+, CEH required or to be obtained Ability and commitment to communicate effectively, consistently chooses communication methods to ensure critical information reaches and persuades intended audience
• Strong team player. Uses strong interpersonal skills to build partnerships with stakeholders and peers
• Possesses leadership qualities
• Persuades stakeholders to achieve positive outcomes
• Demonstrates a strong sense of accountability (ownership and commitment) toward leading peers and stakeholders on critical projects and tasks; making, meeting and communicating progress.