favorite this post IT Security Engineer - Amalgamated Life Insurance (White Plains) hide this posting unhide

333 Westchester Avenue

(google map)

compensation: Negotiable
employment type: full-time

Amalgamated Life Insurance Company

Founded in 1943, Amalgamated Life Insurance Company is now recognized as one of the nation's leading providers of high quality life, health and worksite/voluntary insurance solutions. The Company's high quality claims management and fiscal stability have earned it over 40 consecutive A.M. Best "A" (Excellent) ratings since 1975, as well as six consecutive placements on the "Ward's 50" list of the nation's top performing insurance companies. Headquartered in White Plains, NY, Amalgamated Life is an employee-centered organization with a robust, highly-competitive employee benefits and compensation package. Employees enjoy a pleasant, modern workplace environment, which features state-of-the-art technology, onsite café and fitness facilities. The Company sponsors many nonprofit and charitable endeavors and supports its employees' participation in these worthwhile causes. Amalgamated Life is a member of the Amalgamated Family of Companies.


Amalgamated Life Insurance takes pride in the competitive and extensive benefit programs that are offered to our full-time employees.
Alicare benefits package includes: Health and Dental Insurance
Optical Coverage
Disability Coverage: Short-Term & Long-Term Plans
Life Insurance Coverage
Pension Plan
401(k) Plan
Fidelity Goal Planner After-Tax Savings Plan
Flexible Spending Accounts for Health Care and Dependent Care
Tuition Reimbursement
Fitness Gym Membership Discounts
e-TRAC (New York)
Time off Benefits: Vacation, Sick
Days, Personal Days, Holidays
Opt-Out Reimbursement Program
Employee Referral Award Program

This Employer Participates in E-Verify. See the E-Verify notices. Este Empleador Participaen E-Verify. Ver el E-Verify avisos.

IT Security Engineer

Acts as a Subject Matter Expert for Information Security and recommends best practices as needed
Assess existing platform and application hardening guidelines against industry standards.
Perform Risk Assessments against the technology environment and systems, work with appropriate teams to ensure proper understanding of potential gaps, and propose strategic but practical response plan
Identify and access risk findings within the environment with respect to risk definition and development of associated remediation plans
Provide support for ID Governance initiatives e.g. Access Recertification, user provisioning/deprovisioning etc. technologies and related processes
Provide support for Web filtering, Encryption, Data Leakage Prevention tools and related processes
Implement Application Whitelisting controls across the environment
Perform threats and vulnerability assessment and provide subject matter expertise on appropriate threats mitigation and patch management processes
Assist with the development and implementation of global security policy, standards, procedures and work instructions to ensure ongoing maintenance of security
Oversee key IS defense elements including network security architecture, network access and monitoring policies
Perform incident response planning as well as the investigation of security breaches, and assist with such breaches as necessary
Oversee execution of approved information security project plans and provide regular status reporting on progress of such projects.
Develop and generate appropriate metrics (key risk and performance indicators) to measure the IS program and related processes
Assist with and provide response and remediation plans to internal and external Audit findings
Perform mandatory periodic review of Security Controls logs/activity
Develop and present Security Awareness Training initiatives
Coordinates reporting from internal systems & external monitoring services
Works in conjunction with and assists helpdesk personnel with security-related items
Drives resolution of security alerts or incidents
Assists Director of Information Security in technical implementation of company policy
Recommends, plans, designs, implements, & monitors complex security solutions
Other duties as assigned
10+ years IT experience
5+ years IT Security experience
Understanding of the healthcare/financial regulatory environment
Solid understanding of technology and Information Security domains
AS/BS degree in Engineering/Mathematics/Computer Science or related discipline
CISSP certification a plus
Must be able to work on-site in White Plains, NY
Job Requirements

Active Directory
Server 2012/2016
Windows 10
PKI/Certificate Services Administration
Database Security Administration
Email Security
Web filtering
Identity and Access Management (IAM)
Data Leak Prevention (DLP)
Vulnerability Scanning
Anti-Malware Technologies
Cisco Switches, Routers
Soft Skills:

Ability to work with minimal supervision
Ability to interface with a wide variety of people and business units within the company
Ability to work with external vendors & solution providers
Stays up-to-date with current and emerging security technologies
Handles confidential matters with discretion
Ability to multi-task
Good communication skills, interpersonal skills
Nice to have:

HIPAA/HITECH knowledge
Knowledge of ISO27001, NIST 800-53, CIS, DISA and similar standards
Experience with IT audits
HSM/Key Management Experience
Metasploit, Nessus, Kali, other penetration testing tools
  • Principals only. Recruiters, please don't contact this job poster.
  • do NOT contact us with unsolicited services or offers

post id: 6812924164



best of [?]