Data Security Engineer

About The Position

Requirements

• Bachelor's degree in information technology (or related field) or equivalent experience.
• 4+ years in IT data security engineering and operations in an enterprise environment.
• 4+ years of experience in IT, or related area, with a focus on security tool technology, security management and policy enforcement.
• Hands on experience supporting security requirements of a large, global enterprise environment.
• Prior experience with data security, encryption technology and related applications, tools and solutions.
• Experience with installation and support data security tools.
• Experience in developing, documenting and maintaining security procedures.
• Strong knowledge of TCP/IP and networking protocols.
• Strong understanding of database privileged activity monitoring is preferred.
• In-depth knowledge of operating systems, applications, network, and database security architectures.
• Strong analytical and organizational skills.
• Excellent verbal and written communication, problem solving and time management skills.
• Ability to work efficiently and productively with minimal guidance or direction.
• Strong team player with initiative and ability to take charge of their area of expertise.
• Ability to clearly and effectively communicate concerns, issues and research to other teams.

Nice To Haves

• One or more IT Security related certifications is highly preferred, such as CISSP, SSCP, CISM or CEH.
• Understanding of Security Information and Event Management (SIEM) with knowledge of Log Collection, Parsing of log files and how this data can be effectively used to mitigate risk.
• Knowledge in security orchestration, automation and response.
• Knowledgeable using scripting languages and use of regex.

Responsibilities

• Perform installation and configuration management of security systems and applications, including policy assessment of the data security stack and set of policies and standards.
• Perform security related tasks, including the day-to-day administration of the different information security tools and devices, fine tuning configuration of the devices to reduce false positives and improve effectiveness in security event monitoring.
• Ensure that security tools are performing optimally and security events are detected in time for remediation.
• Work with the security analyst and content management teams to ensure data ingested by the SIEM is useful, reduces white noise, and is properly leveraged and actioned for incident response.
• Implementing security measures to protect the enterprise as well as prevent data loss and respond to security incidents.
• Perform security analysis of traffic patterns and adjust policy and procedures.
• Performing technical and non-technical risk assessments on our systems and make recommendations to identify and improve security risk.
• Determine and implement appropriate levels of security configuration, controls and monitoring.
• Developing quality program metrics to measure program performance as well as enterprise risk. This data must provide actionable intelligence to help drive the data security program.
• Work with other business units to develop appropriate plans for the implementation and configuration of data security technologies thereby ensuring business engagement and understanding of the data security initiatives.

Benefits

• At AIG, our people are our greatest asset. We know how important it is to protect and invest in what’s most important to you. That is why we created our Total Rewards Program, a comprehensive benefits package that extends beyond time spent at work to offer benefits focused on your health, wellbeing and financial security—as well as your professional development—to bring peace of mind to you and your family.