ICW Group
Join to apply for the
Information Security Engineer III
role at
ICW Group . Are you looking to make an impactful difference in your work, yourself, and your community? Why settle for just a job when you can land a career? At ICW Group, we are hiring team members who are ready to use their skills, curiosity, and drive to be part of our journey as we strive to transform the insurance carrier space. We're proud to be in business for over 50 years, and it is our change agents like yourself that will help us continue to deliver our mission to create the best insurance experience possible. Headquartered in San Diego with regional offices located throughout the United States, ICW Group has been named for ten consecutive years as a Top 50 performing P&C organization offering the stability of a large, profitable and growing company combined with a focus on all things people. It is our team members who make us an employer of choice and the vibrant company we are today. We strive to make both our internal and external communities better everyday! Purpose of the Job
The purpose of this job is to design secure architectures and develop cybersecurity approaches and techniques to evaluate the security of a system or network. This position will assist with strategic initiatives for short and long‑term plans to identify and reduce the attack surface across applications and systems. The position exists to monitor and defend ICW Group’s technology against potential threats that jeopardize the financial growth and security goals of the company. Essential Duties and Responsibilities
Monitors networks and systems for security breaches, using software that detects intrusions and anomalous behavior and develops strategies to respond to and recover from a breach. Leads security incident response, including preparation, detection, analysis, containment, eradication, and recovery. Researches and implements methods to remediate network and application security vulnerabilities. Leads and participates in security architecture controls reporting, compliance audits, monthly and ad‑hoc statistics and trends, and risk‑focused reports including internal and third‑party risk assessments. Utilizes automated tools to identify, assess, and report security concerns, with emphasis placed on effective communication to stakeholders. Leads and runs complex security‑related projects and resolves security related issues. Provides support by proposing solutions, coordinating implementation, and enforcing information systems security policies, standards, and methodologies. Use advanced technologies including IDS/IPS, firewalls, SIEM, antivirus, network packet analyzers, and malware analysis and forensics tools to detect intrusions. Prepares and analyzes system security reports by collecting, analyzing, and summarizing data and trends and makes recommendations to improve security. Maintains operational security posture for an information system or program to ensure information system security policies, standards, and procedures are established and followed. Creates and updates technical security standards for assets and software. Provides information security expertise to system development teams throughout the life cycle process. Partners with systems engineering teams to ensure design and implementation are consistent with company policies. Leads and conducts information security risk assessments including documenting processes, service level agreements, and best practices. Develops the overall security design, development, testing and implementation of security solutions. Ensures security quality, adherence to guidelines, profitability, and information security related metrics for self and assigned projects. Collaborates with key stakeholders on remediation strategies and follows remediation activities through closure. Executes technical and process changes required to adopt, maintain, and adjust InfoSec controls as required to manage the company's risks. Works with peers in other internal groups to drive technical security risk down in targeted areas. Takes end‑to‑end ownership of one or more security tools and metrics, driving risk down actively across the company. Contributes to the continual enhancement of the IT security infrastructure program through governance, core processes, and technology. Coaches and educates others to increase early detection rates and decrease IT risk and security. Supervisory Responsibilities
This position has no supervisory responsibility but may mentor and train junior engineers. Education and Experience
Bachelor’s degree from a four‑year college or university required with major or emphasis in Engineering, Cybersecurity, Networking, or Computer Science. Minimum eight years of experience working in a security engineering role designing secure networks, systems, and application architectures, or an equivalent combination of education and experience. Minimum three to five years of experience in AWS Cloud Security services preferred. Direct experience using advanced technologies such as IDS/IPS, firewalls, SIEM, antivirus, network packet analyzers, content filtering, malware analysis, and forensics tools. Experience in a cyber security role requiring knowledge of data analysis, risk assessment, risk mitigation, investigation methods, incident management, and policy development. Experience with AWS services such as IAM, Organizations, Security Hub, GuardDuty, CloudTrail, and AWS CloudTrail. Certificates, Licenses, Registrations
Certifications in GSEC, CISSP, and/or Security+ preferred. AWS Certified Security – Specialty preferred. Knowledge and Skills
Knowledge of risk assessment tools, disaster recovery, forensic tools, enterprise security platforms, endpoint security solutions including file integrity monitoring and data loss prevention. Ability to communicate security issues to peers and management, read and interpret technical and security reports, and present technical information to non‑technical audiences. Demonstrated experience as a lead engineer in design, implementation, and support in an enterprise IT environment. Ability to apply logical and scientific thinking to solve complex operational problems, hypothesize root cause of inefficiencies, and test solutions. Proficiency in English and effective communication skills. Physical Requirements
Office environment – employees are required to sit, walk, stand, talk, and hear. Employees must reach with hands and arms, stoop, kneel, crouch, or crawl, and occasionally lift or move up to 30 pounds. Employees must have visual acuity and be capable of operating and viewing computers and other electronic devices for extended periods of time. Work Environment
This position operates in an office environment and requires the frequent use of a computer, telephone, copier, and other standard office equipment. Salary
The current range for this position is $121,624.81 – $217,710.99. This range is exclusive of fringe benefits and potential bonuses. Final base salary compensation will be determined by factors including experience, education, and the location of the role. Why Join ICW Group
Challenging work and the ability to make a difference You will have a voice and feel a sense of belonging We offer a competitive benefits package, with generous medical, dental, and vision plans as well as 401(k) retirement plans and company match Bonus potential for all positions Paid Time Off with an accrual rate of 5.23 hours per pay period (equal to 17 days per year) 11 paid holidays throughout the calendar year Want to continue learning? We’ll support you 100% ICW Group is committed to creating a diverse environment and is proud to be an Equal Opportunity Employer. ICW Group will not discriminate against an applicant or employee on the basis of race, color, religion, national origin, ancestry, sex/gender, age, physical or mental disability, military or veteran status, genetic information, sexual orientation, gender identity, gender expression, marital status, or any other characteristic protected by applicable federal, state or local law. At ICW Group we offer a work environment that encourages entrepreneurialism and celebrates success. Our team members are hands‑on contributors who are given the opportunity to make an impact. It's our people who make us an employer of choice and the vibrant company we are today. Job Category:
IT Job Type:
Full time Req ID:
JR101001 Senior level: Mid‑Senior level Employment type: Full‑time Job function: Information Technology Industries: Insurance
#J-18808-Ljbffr
Information Security Engineer III
role at
ICW Group . Are you looking to make an impactful difference in your work, yourself, and your community? Why settle for just a job when you can land a career? At ICW Group, we are hiring team members who are ready to use their skills, curiosity, and drive to be part of our journey as we strive to transform the insurance carrier space. We're proud to be in business for over 50 years, and it is our change agents like yourself that will help us continue to deliver our mission to create the best insurance experience possible. Headquartered in San Diego with regional offices located throughout the United States, ICW Group has been named for ten consecutive years as a Top 50 performing P&C organization offering the stability of a large, profitable and growing company combined with a focus on all things people. It is our team members who make us an employer of choice and the vibrant company we are today. We strive to make both our internal and external communities better everyday! Purpose of the Job
The purpose of this job is to design secure architectures and develop cybersecurity approaches and techniques to evaluate the security of a system or network. This position will assist with strategic initiatives for short and long‑term plans to identify and reduce the attack surface across applications and systems. The position exists to monitor and defend ICW Group’s technology against potential threats that jeopardize the financial growth and security goals of the company. Essential Duties and Responsibilities
Monitors networks and systems for security breaches, using software that detects intrusions and anomalous behavior and develops strategies to respond to and recover from a breach. Leads security incident response, including preparation, detection, analysis, containment, eradication, and recovery. Researches and implements methods to remediate network and application security vulnerabilities. Leads and participates in security architecture controls reporting, compliance audits, monthly and ad‑hoc statistics and trends, and risk‑focused reports including internal and third‑party risk assessments. Utilizes automated tools to identify, assess, and report security concerns, with emphasis placed on effective communication to stakeholders. Leads and runs complex security‑related projects and resolves security related issues. Provides support by proposing solutions, coordinating implementation, and enforcing information systems security policies, standards, and methodologies. Use advanced technologies including IDS/IPS, firewalls, SIEM, antivirus, network packet analyzers, and malware analysis and forensics tools to detect intrusions. Prepares and analyzes system security reports by collecting, analyzing, and summarizing data and trends and makes recommendations to improve security. Maintains operational security posture for an information system or program to ensure information system security policies, standards, and procedures are established and followed. Creates and updates technical security standards for assets and software. Provides information security expertise to system development teams throughout the life cycle process. Partners with systems engineering teams to ensure design and implementation are consistent with company policies. Leads and conducts information security risk assessments including documenting processes, service level agreements, and best practices. Develops the overall security design, development, testing and implementation of security solutions. Ensures security quality, adherence to guidelines, profitability, and information security related metrics for self and assigned projects. Collaborates with key stakeholders on remediation strategies and follows remediation activities through closure. Executes technical and process changes required to adopt, maintain, and adjust InfoSec controls as required to manage the company's risks. Works with peers in other internal groups to drive technical security risk down in targeted areas. Takes end‑to‑end ownership of one or more security tools and metrics, driving risk down actively across the company. Contributes to the continual enhancement of the IT security infrastructure program through governance, core processes, and technology. Coaches and educates others to increase early detection rates and decrease IT risk and security. Supervisory Responsibilities
This position has no supervisory responsibility but may mentor and train junior engineers. Education and Experience
Bachelor’s degree from a four‑year college or university required with major or emphasis in Engineering, Cybersecurity, Networking, or Computer Science. Minimum eight years of experience working in a security engineering role designing secure networks, systems, and application architectures, or an equivalent combination of education and experience. Minimum three to five years of experience in AWS Cloud Security services preferred. Direct experience using advanced technologies such as IDS/IPS, firewalls, SIEM, antivirus, network packet analyzers, content filtering, malware analysis, and forensics tools. Experience in a cyber security role requiring knowledge of data analysis, risk assessment, risk mitigation, investigation methods, incident management, and policy development. Experience with AWS services such as IAM, Organizations, Security Hub, GuardDuty, CloudTrail, and AWS CloudTrail. Certificates, Licenses, Registrations
Certifications in GSEC, CISSP, and/or Security+ preferred. AWS Certified Security – Specialty preferred. Knowledge and Skills
Knowledge of risk assessment tools, disaster recovery, forensic tools, enterprise security platforms, endpoint security solutions including file integrity monitoring and data loss prevention. Ability to communicate security issues to peers and management, read and interpret technical and security reports, and present technical information to non‑technical audiences. Demonstrated experience as a lead engineer in design, implementation, and support in an enterprise IT environment. Ability to apply logical and scientific thinking to solve complex operational problems, hypothesize root cause of inefficiencies, and test solutions. Proficiency in English and effective communication skills. Physical Requirements
Office environment – employees are required to sit, walk, stand, talk, and hear. Employees must reach with hands and arms, stoop, kneel, crouch, or crawl, and occasionally lift or move up to 30 pounds. Employees must have visual acuity and be capable of operating and viewing computers and other electronic devices for extended periods of time. Work Environment
This position operates in an office environment and requires the frequent use of a computer, telephone, copier, and other standard office equipment. Salary
The current range for this position is $121,624.81 – $217,710.99. This range is exclusive of fringe benefits and potential bonuses. Final base salary compensation will be determined by factors including experience, education, and the location of the role. Why Join ICW Group
Challenging work and the ability to make a difference You will have a voice and feel a sense of belonging We offer a competitive benefits package, with generous medical, dental, and vision plans as well as 401(k) retirement plans and company match Bonus potential for all positions Paid Time Off with an accrual rate of 5.23 hours per pay period (equal to 17 days per year) 11 paid holidays throughout the calendar year Want to continue learning? We’ll support you 100% ICW Group is committed to creating a diverse environment and is proud to be an Equal Opportunity Employer. ICW Group will not discriminate against an applicant or employee on the basis of race, color, religion, national origin, ancestry, sex/gender, age, physical or mental disability, military or veteran status, genetic information, sexual orientation, gender identity, gender expression, marital status, or any other characteristic protected by applicable federal, state or local law. At ICW Group we offer a work environment that encourages entrepreneurialism and celebrates success. Our team members are hands‑on contributors who are given the opportunity to make an impact. It's our people who make us an employer of choice and the vibrant company we are today. Job Category:
IT Job Type:
Full time Req ID:
JR101001 Senior level: Mid‑Senior level Employment type: Full‑time Job function: Information Technology Industries: Insurance
#J-18808-Ljbffr