Palomar is a growing insurance provider that is building an extraordinary business around an exceptional team of employees. As a result, we are seeking both experienced professionals and recent college graduates who are up to the challenge of helping us build a unique brand in the insurance business. If you are looking to thrive in a dynamic work environment where your contributions will be recognized and rewarded, we would like to talk to you about joining our collaborative, energetic, and hard-working team.
We are currently seeking to fill the following position:
Job Title: Cyber Security Engineer
Primary Location: La Jolla, CA, Minneapolis, MN
Schedule: Full Time
We are seeking a Cyber Security Engineer who will be reporting to the Chief Information & Security Officer. The ideal candidate for this position is someone with 4-5 years’ experience working as a cyber security professional. This position will work closely with the cloud services team to implement security strategies and solutions. The ideal candidate will provide strategic guidance and hands on implementation of best practices security solutions.
Responsibilities and Essential Duties include but are not limited to:
- Serve as a security subject matter expert in a consultative capacity with the infrastructure teams by conducting security reviews/remediation at various stages of the systems and capability deployments.
- Perform threat modeling, architecture reviews, and ensure critical vulnerabilities are identified, communicated to team members, and drive delivery of mitigations.
- Manage security policy and control lifecycle across publication, enforcement, update, and audit.
- Research and recommend changes to procedures and systems to enhance systems and data security
- Develop and deliver security training to the company.
- Research emerging technologies and maintain awareness of current security risks in support of security enhancement and development efforts.
- Coordinate around, participate in, and manage information security projects and infrastructure projects
- Develop and implement tools to test, monitor, and enforce security policy; including metrics to understand policy effectiveness.
- Be proactive, accountable, autonomous, and solutions oriented.
- Automate security processes to reduce as much manual work as possible.
- Maintains SIEM and administers security policies to control access to systems.
- Monitor, triage, and response to SIEM alerts.
- Perform technical analysis of complex software, systems, hardware, and network environments
- Execute security controls to prevent hackers from infiltrating company information or jeopardizing programs.
- Research attempted efforts to compromise security protocol and recommends solutions.
- Responds to information security-related questions and inquiries using established information security tools and procedures.
- Resolves and/or performs follow through to resolve all information security issues and questions.
- Research the latest in information technology security trends to keep up to date with the subject and use the latest technology to protect information.
- Conduct frequent testing of simulated cyber-attacks to look for vulnerabilities in the computer systems and take care of these before an outside cyber-attack.
Education Requirements/Professional Experience and Qualifications:
- BS degree in Computer Science, Information Systems, Engineering, or relevant experience
- 5 plus years relevant experience in Information Technology.
- 3 plus years of experience in some combination of cloud security, infrastructure security, penetration testing, firewall management, network security, identity management, security tools, architecture review.
- Solid grounding in information security fundamentals, host and network security hardening and requirements; networking protocols; common intrusion techniques; and common risk management concepts.
- Knowledge of OWASP, SANS Top 20 Critical Security Controls and NIST Vulnerability Database (CVE & CCE)
- Demonstrated a high degree of attention to detail and accuracy.
- Deep understanding of Information Technology security solutions.
- Experience in finance or insurance industry a plus
- Experience with:
- Integrating security into SDLC including static analysis, dependency scanning, dynamic testing.
- Performing technical analysis of complex software, systems, hardware, and network environments.
- Using web application vulnerability scanning tools and with manual web application testing
- CISSP, Cisco, Microsoft, or other security certifications.
- Securing cloud IAAS and PAAS environments (Azure, Google Cloud, AWS)
- ADFS, Azure AD, Okta, Oauth, OIDC and other Identity Management capabilities.
- Establishing and utilizing measurements, processes, and metrics to manage support activities.
- Cyber security standards/organizations (such as ITIL, NIST, COBIT, ISO, PCI)
- PowerShell, python or Perl development and automation capabilities.
- Log collection and storage.
- Anti-Virus, HIDS, HIPS, NIDS, NIPS solutions.
- Network monitoring tools to monitor attacks/threats and doing the initial triage of findings.
- Understanding of the following tools: SIEM, IDS / IPS, vulnerability scanners or similar products.
Compensation and Benefits:
Palomar offers a competitive compensation and benefits package that includes but is not limited to: Medical, Dental, Vision, Company-paid Life and AD&D Insurance, Company-Paid Long Term Disability benefits, Annual and Long-Term Financial Incentives, 401(k) Retirement Plan (with Company-paid Contributions), Paid Time Off, Paid Holidays, Professional Development Assistance, Paid Parking and more.
Palomar will consider reasonable accommodations to ensure a qualified applicant with a disability can be considered for the position. Palomar will also consider necessary modifications to the physical work environment, or to the way a job is usually performed, so an individual with a disability can perform the essential functions of the position. Additional accommodations will be considered that enable an employee with a disability to enjoy equal benefits and privileges of employment like those that are enjoyed by other employees without disabilities.
Palomar is an equal opportunity employer and provides equal opportunities for employment and advancement to all qualified individuals, regardless of race (including traits associated with race), color, creed, national origin or ancestry, citizenship, age, religion, sex, gender, gender identity, gender expression, pregnancy, genetic information or characteristics, sexual orientation, marital status, physical or mental disability, medical condition, past, current or prospective service in the uniformed services, or any other consideration or characteristic made unlawful by federal, state or local laws.
Disclaimer: This job description is designed to provide a general overview of the requirements of the job and does not entail a comprehensive listing of all activities, duties, or responsibilities that will be required in this position. Nothing in this job description restricts management’s right to assign or reassign duties and responsibilities to this job at any time.
For more information about our company, visit us at www.plmr.com. No phone calls or agency solicitation please. Palomar is an Equal Opportunity Employer.
At Palomar, we are committed to safeguarding the health and well-being of our employees, customers, partners, suppliers, and job candidates. We are actively monitoring the situation related to COVID-19 and are continuing to hire qualified candidates to better serve our customers. To ensure your safety as a job candidate and compliance with our COVID-19 protocols and recommendations/guidelines from the CDC, State and Local Health Officials, we may be relying on virtual interviewing and other digital communications. Our recruiting team is committed to providing the support you need throughout the hiring and onboarding process. We appreciate your understanding and flexibility during this time.