Senior Security Specialist - REMOTE

The Hartford

Remote Oregon

United States

Customer Service / Call Center

You are a driven and motivated problem solver ready to pursue meaningful work. You strive to make an impact every day, not only at work, but in your personal life and community too. If that sounds like you, then you've landed in the right place.

The Hartford’s Information Protection (THIP) organization is looking for a talented security professional to join a high-performing team responsible for governing, managing and delivering our company’s cybersecurity defenses. As a Senior Security Specialist, this position will provide the individual an opportunity to help shape the direction of our company’s cyber security programs by providing thought leadership, professional support, and valued contributions to a range of activities. We are looking for an experienced security professional with strong technical skills across various security technologies, working knowledge of security incident response protocols, monitoring security technologies in an enterprise environment and an awareness of emerging cyber threats and trends.

This role within our Threat Management team will provide level 2 and level 3 Security Operations Center (SOC) and incident response escalation support for the THIP Incident Response (IR) team, including some threat hunting responsibilities. The candidate will collaborate and have significant interaction with The Hartford’s third-party managed SOC vendor. This position plays a critical role in detecting and responding to potential security incidents while helping to improve The Hartford’s incident response capabilities.

RESPONSIBILITIES:

  • Reviewing the on-premises SIEM platform on a daily basis to detect potential security events, primarily to review, vet and triage L1 escalated events.
  • Performing analysis of logged security correlations and of event data from firewalls, IPS, endpoint security, proxies and other network and security technologies, and performing triage and investigation of incidents to determine risk level and remediation.
  • Using enterprise security technologies to continuously monitor the company’s assets, conducting technical analysis of network traffic to identify anomalies, and then taking action to respond to potential vulnerabilities and threats.
  • Escalation of priority incidents to infrastructure, security and other internal teams as necessary
  • Recommend and provide input to security monitoring and detection rules to improve fidelity of alerts
  • Detect incidents through proactive “hunting” analysis of security-relevant data sets
  • Taking an active role in supporting broader Security Incident Response protocols, including partnering with other technology areas to respond and recover in a coordinated and timely manner.

QUALIFICATIONS:

  • College degree in Computer Science, Information Security, Engineering, related field, or equivalent experience.
  • 5+ years of work experience in Information Security, and 4+ years in similarly technical roles, such as those working with networking, client and server management.
  • Knowledge of common Internet protocols, applications and networking technologies.
  • Experience in monitoring hybrid cloud environments is desired. (AWS, Azure AD, Microsoft Cloud/M365)
  • Experience navigating and querying current SIEM technologies is preferred (Splunk, QRadar, SumoLogic, Microsoft Sentinel, etc.)
  • Experience using/querying Threat Intelligence Platforms (TIPs) is desirable.
  • Knowledge of attack vectors (malware, web application, social engineering, etc.)
  • Understanding of the behavior and capabilities of malware, of identifying indicators of compromise, and of the usage of sandboxing technologies or services.
  • Knowledge of various security methodologies and processes, and technical security solutions (firewall, packet analysis, SIEM, endpoint detection and response and intrusion detection systems)
  • Practical experience of operating systems (Linux, Windows, MacOS), network communication protocols, firewalls, web application firewalls, packet analysis, log analysis, endpoint security technologies.
  • Demonstrated experience in effectively partnering across organizational teams, working collaboratively with professionals that support end-user services, network technologies, cloud computing, infrastructure, and applications.
  • An ability to identify and assess the severity and potential impact of threats and communicate assessment findings in a way that consistently drives objective, fact-based decisions.
  • Strong decision-making capabilities with a proven ability to weigh relative business impacts against the importance of security measures.
  • A willingness to continuously learn and develop skills commensurate to this role and other potential growth opportunities within and across the organization.
  • Industry-recognized certifications (ISC2, GIAC, ISACA) are preferred.
  • Remote candidates welcome

Must be authorized to work in the US without company sponsorship

Equal Opportunity Employer/Females/Minorities/Veterans/Disability/Sexual Orientation/Gender Identity or Expression/Religion/Age

Information Security Senior Specialist - IS07EE
