Senior IT Security Engineer
Posted on Jun 21, 2020 by Hanover Insurance Group
The Hanover s Information Security team is looking to bring on a Senior
Information Security Engineer to join us in Worcester, MA or Glastonbury, CT
This Engineer will provide subject matter expertise and guidance on complex
projects/initiatives. They will be responsible for building, maintaining, and
improving the organization s threat detection and response capabilities. Th
Engineer will collaborate within the InfoSec team and across partner business
units to improve our cyber security posture.
This is a Full-time, Exempt role.
A successful Senior Cyber Security Engineer is a strong communicator and
relationship builder, who uses soft-skills to persuade stakeholders to: achieve
consensus, obtain commitment, and take action. Senior engineers are expected to
directly mentor less experienced engineers and technicians, while consistently
demonstrating behaviors aligned with our core values.
* Researches, designs, and integrates information security solutions and
controls across the enterprise in a way that is transparent to end users,
supports executive strategies, and fundamentally ensures the security of
the information The Hanover is entrusted to protect
* Directs and enhances organizational initiatives by positively influencing
and supporting change management and/or departmental/enterprise
initiatives within assigned area(s) of responsibility.
* Assesses operational business processes to ensure security is
* Responds to metrics for incremental improvements in control design
* Assess and plans changes with high regard to change management rigor
* Assesses potential risks with new applications and products and provide
security requirements and recommendations for risk mitigation to help the
business succeed with their projects.
* Consults as security subject matter expert with networking, architecture,
developers, and others on solutions to security problems.
* Directly engages in advanced troubleshooting and delivery with
stakeholders, including end-users.
* Provides information security engineering support across organization
including off-hours support and on-call rotations as appropriate.
* Ensures reports and findings are delivered in a timely and appropriate
manner to management, operations and executive leadership.
* Recommends new security policy, standards, best practices, and system
configuration standards. Consults with internal clients on security
topics and policy interpretation.
* Identifies higher risk areas of the infrastructure for assessment.
* Coordinates activities across multiple departments and business units.
* Maintains knowledge on current and emerging developments/trends for
assigned area(s) of responsibility, assesses the impact, and collaborates
with senior management to incorporate new trends and developments in
current and future solutions.
* Identifies and directs the implementation of process improvements that
significantly improve quality across the team, department and/or business
unit for his/her assigned area(s) of responsibility.
* Provides subject matter expertise to team members and applicable
internal/external stakeholders on complex assignments/projects for
assigned area(s) of responsibility.
* Provides direction on complex assignments, projects, and/or initiatives
to build and enhance the capability of assigned area(s) of
* Creates, scripts, and maintains mission critical correlation searches and
alerts leveraging diverse log sources and types
* Provides subject matter expertise in security logging and alerting best
practices to detect and prevent security incidents.
* Optimizes alerting and response techniques utilizing complex and/or
cutting-edge machine learning, automation, and orchestration techniques.
* Provides subject matter expertise for alerting and analyzing security
events within the Security Operations Center to prevent and address
* Monitors and provides assurance of the overall health and effectiveness
of prevention, detection, and response capabilities.
* Contributes to building and improving cybersecurity procedures
* Collaborates with cybersecurity engineering and cyber threat intelligence
teams to implement and tune security tools used by InfoSec operations.
* Provides training and mentoring to information security team members.
* 5+ years of IT Security experience, in areas such as security operations,
incident analysis, incident handling, and vulnerability management or
testing, log analysis, intrusion detection that directly relates to the
responsibilities of this position. (required)
* 4-year/Bachelor's degree or equivalent work experience (4 years of
experience in lieu of Bachelor's) (Minimum Required)
* Hands-on experience with a variety of cyber security tools
* Hands-on experience in a Windows / Linux environment
* Must have excellent trouble-shooting and problem-solving skills
* Demonstrated understanding of Security Fundamentals, General IT
knowledge, Network Systems, Firewalls, IDS/IPS Systems, Windows & Linux
Systems Administration, SEIM technologies, Windows/Linux and MAC
operating systems, Desktop Engineering, Cloud Technologies, Mobile and
* Demonstrated experience with scripting languages such as PowerShell,
Perl, and Python
* At least one security certification
Personal and Professional Competencies:
* Ability and commitment to communicate effectively, consistently chooses
communication methods to ensure critical information reaches and
persuades intended audience
* Strong team player. Uses strong interpersonal skills to build
partnerships with stakeholders and peers
* Possesses leadership qualities
* Persuades stakeholders to achieve positive outcomes
* Demonstrates a strong sense of accountability (ownership and commitment)
toward leading peers and stakeholders on critical projects and tasks;
making, meeting and communicating progress.
Set up alerts to get notified of new vacancies.
$110k - $130k Annual