Associate Information Security Engineer

The Associate Information Security Engineer is responsible for Identity and Access Management; provisioning and deprovisioning workforce member access to systems, applications, and data via a combination of entering commands, executing provided scripts or using a role-based access control (RBAC) tool.  This position is also responsible for overseeing quarterly access entitlement reviews by data owners within the business units to ensure access is appropriate for defined job roles and for updating access if requested by a data owner.

In addition the Associate Information Security Engineer is the point of contact for MEMIC’s managed security services provider (MSSP) for managed threat detection and response (MTDR) events identified by the security operations center (SOC) to review.

• Add, change, and delete workforce member access to MEMIC systems, applications and data as directed by an authorized requester through inputting commands, executing provided scripts and using an RBAC tool.
• Access, review and assign MTDR security events created by the MSSP SOC for further analysis by an Engineer.
• Resolve or refer services requests opened by the IT Help Desk or via the Self-Service Portal and be the point of contact on these requests.
• Assist Engineers test new security controls, change existing security controls and peer-review documented procedures. 
• Oversee quarterly review of system, application and data access based on job role by providing reports to identified data owners. Review and make changes as requested by a data owner, retaining documentation for future review needs.
• Maintain documentation, scripts and RBAC entries to ensure these tools remain current.

Requirements:

• Minimum of two years’ experience working in a technical, hands-on, IT support role with progressively increasing responsibilities.
• Associates Degree in Computer Science, Computer Engineering, or related technical discipline preferred.
• General understanding of IT concepts (vdemonstrate; understanding of Microsoft Active Directory, working knowledge of IP networks, practical understanding of access controls and request ticketing), cloud-hosted environments (Microsoft O365, Exchange) and Computer Networking (IP subnetting, protocols, architecture, modern security principals, traffic analysis and event monitoring).
• Working knowledge of secure application architecture, secure coding practices and vulnerability assessment.
• Workers’ Compensation Professional (WCP) certification preferred.
• Experience working with Windows command scripting.
• Works effectively as a member of a team, independently and collaboratively with all levels.
• Proficient communication skills, written and verbal.

Our comprehensive benefits package includes all traditional offerings such as:

• Health Insurance options, Dental Insurance options and Vision Insurance
• Employee Life Insurance/AD&D and Dependent Life Insurance options
• Short-term & Long-term Disability
• Health Savings Account with potential employer match
• Flexible Medical and Dependent Care Account
• Accident Insurance
• Critical Illness Insurance
• Employee Assistance Program
• Legal/Identify Theft Insurance options
• Long Term Care Insurance
• Pet Insurance
• 401 (k) Retirement Plan with match up to 5%, plus profit sharing & discretionary contributions (subject to vesting)
• 5 weeks of Paid Time Off (PTO)
• 7 paid holidays

We also offer other benefits to help foster a healthy, balance lifestyle such as:

• Flextime schedules
• Paid Parental Leave
• Student loan paydown and refinancing assistance
• Educational assistance for job related courses, seminars, certifications or degrees
• One paid day every year to volunteer for your non-profit of choice
• On-site fitness center (Maine & Virginia) or fitness reimbursement
• Subsidized parking
• Sit-Stand desks & daily stretch breaks

MEMIC is committed to a policy of nondiscrimination and equal opportunity for all employees and qualified applicants without regard to race, color, religious creed, national origin, ancestry, age, disability, genetics, gender identity, veteran's status, sexual orientation, or any other characteristic protected by law.