Information Security Engineer

Job Description

Who We Are:

At PEMCO we're all about people - our customers, our employees, and the community. We're a mutual insurance company owned by our Northwest policyholders. We provide auto, home, renters, and boat coverage. Recently, Forbes named PEMCO as one of America's Best Insurance Companies 2022 and ranked PEMCO as the #1 auto insurer in the nation based on customer survey feedback. We are consistently recognized for our outstanding customer service, employee expertise, diverse community partnership and engagement, and social impact as well.

Our social impact programs motivate high achievement by youth in education; build stronger and greener communities; and increase safety at home, on the road, and at play. We're committed to diversity, equity, inclusion, and belonging, and to fostering an inspiring and inclusive workplace. These efforts create and cultivate an environment that builds fairness and understanding, encourages collaboration and flexibility, and celebrates all the ways in which we're different and the same - enabling all individuals to achieve their full potential.

Why We Need You:

PEMCO has a dynamic and challenging opportunity for an experienced Information Security Engineer to join our community. In this role, you will be responsible for providing technical and Information Security engineering support, working collaboratively with all technical support areas to ensure systems are supported consistent in maintaining security standards.

What You'll Be Doing:

• Collaborate with more senior levels to perform cost-benefit and return on investment analyses for proposed systems to aid management in making implementation decisions regarding Security toolsets and controls.
• Contribute to the secure and reliable implementation and operation of software, systems, and services for fulfilling business objectives and processes.
• Maintain separation of duties (may perform detailed technical work in the event a conflict of interest exists, or is suspected, with another support team or area).
• May be asked to support highly confidential or niche security systems.
• Partner with more senior Information Security engineers to ensure designs meet security standards; perform validation testing; contribute to design documentation and other project deliverables, as necessary.
• Remain current on security best practices.
• Support day-to-day information security program administration.
• Collaborate with all leadership, teams, and stakeholders to support and maintain security framework.
• Assist with deployment of secure new operating systems, applications, and enhancements to existing applications, software, and operating systems to improve performance and reliability.
• Assist more senior engineers, department manager and stakeholders with defining business requirements and systems goals, and to apply appropriate Security controls.
• Assist in troubleshooting, forensic analysis, and investigations for security incidents to determine level of incident response, mitigation, and resolution.
• Demonstrate behaviors consistent with PEMCO's policies, values, code of ethics and business conduct.
• Authentically support the PEMCO Brand and constantly are on the lookout for top talent to join us to achieve our Mission to Worry Less and Live More.
• Other duties as assigned.

What You'll Bring:

• B.A. or B.S. degree or equivalent work experience (Computer Science or technology-related field)
• SSL/VPN Remote Access experience is required
• Demonstrated experience in supporting a wide range of security, regulatory, and compliance audits is required
• 3 years of experience working with information processing and information security products and technologies including Cisco ASA, FTD, FMC, IPS, Microsoft Stack (Windows 10 and 11 workstations), 2016/2019 Servers, Azure Deployments including, PrivateLinks, Key Vaults, Storage Accounts, etc, Office 365, Active Directory, Endpoint management, Defender threat hunting, etc., Unix/Linux, intrusion detection systems, Multi-factor authentication, common network vulnerability assessment tools, Web Application firewalls is required
• Financial services industry experience
• Proven experience with systems planning, security principles, and general software management best practices Professional Licenses & Certifications
• CISSP certification or equivalent Essential Skills
• Job specific: Demonstrated knowledge in the following technical areas: Active Directory Security along with application of Group Policy Objects, SQL Security Hardening, IIS Security Hardening, Web Application Security, Network hardening with ACLs (understanding protocols), Incident Response/Incident Handling, and Forensics is required
• MS Office: Skilled proficiency in Excel, Word, PowerPoint, Outlook, Access is required
• Communicator: Communicates clearly and informatively, verbally and in writing, with colleagues, customers, and the community in both technical and non-technical professional language
• Compliance: Possesses knowledge and understanding of relevant laws, rules, and regulations
• Confidentiality: Has a high degree of integrity and the ability to exercise discretion in confidential situations
• Job specific: Ability to conduct research into systems issues and products
• Job specific: Working knowledge of secure TCP/IP network architecture and enterprise computer/infrastructure operations is required
• Precision: Is detail orientated and has a strong desire for accuracy and thoroughness
• Problem Solver: Ability to analyze, diagnose and resolve complex unstructured problems quickly, efficiently, and collaboratively
• Team Player: Is responsive, flexible, and able to succeed in a team-oriented, collaborative environment, building effective working relations and partnerships with internal partners, customers, and vendors

What We Value:

PEMCO has identified the below competencies as critical for employees and the future of our business. The competencies are intended to define skills or abilities expected of our employees, behaviors which employees can develop, and be evaluated against in their job. Proficiency levels include Beginner, Skilled, Advanced, and Mastery. Not every employee is expected to master every competency. Instead, we expect that employees will build skills in these areas as they progress through their roles and career at PEMCO.

• Agility: Handles risk and uncertainty, shifts gears with ease and speed, copes with and manages change well
• Growth Mindset: Develops abilities through dedication and hard work, views challenges and failures as opportunities to learn and improve skills
• Service Passion: Provides excellent service to others and seeks ways to improve that service; ensures the customer experience (internal and external) is a key consideration in policies, procedures, and decision-making
• Complex Problem Solving: Solves ill-defined, ambiguous problems in complex settings using logic, process, and experience

Compensation:

The compensation range for this role is shown below. Placement within the range varies depending on job-related knowledge, skills, and experience.

• Greater Seattle Area*: The pay range for this position ranges from $89,591-$149,318
• Outside Greater Seattle**: The pay range for this position ranges from $80,632-$134,386

*Greater Seattle Area is defined as working within approximately 100 miles of Seattle.

**Outside Greater Seattle is defined as working approximately 100 miles or more from Seattle.

Benefits:

Regular part-time PEMCO employees working at least 24 hours per week and regular full-time PEMCO employees are eligible to elect coverage under medical, dental, and vision plans for themselves and their eligible family members with generous employer premium cost shares. In addition, as a benefits-eligible employee, you are:

• covered by employer-paid basic life and accidental death & dismemberment insurance policies as well as long- and short-term disability benefit coverages.
• eligible to participate in PEMCO's 401(k) plan which includes a generous employer match (2 for 1 on the first 6% employee pre-tax and/or Roth deferral, up to federal maximums).

PEMCO provides the following paid leave programs for benefits-eligible employees in their first year of PEMCO employment:

• Accrue up to ten (10) days of paid vacation time
• Granted four (4) personal days immediately upon hire
• Paid holidays for the eight (8) holidays observed by PEMCO throughout the calendar year.
• Granted up to ten (10) days of sick leave immediately upon hire (pro-rated based on hire date and full-time/part-time status), which is approximately 28 hours more per year than the Washington state-required accrual
• In addition, PEMCO provides paid time off for bereavement, jury duty and employee volunteering in the community.

Other miscellaneous benefit programs offered by PEMCO include:

• Flexible Spending Accounts
• Education Assistance Program after one year of service
• Scholarship program for children of PEMCO employees after one year of service
• Employee Assistance Program
• Well-being program
• Discretionary taxable gifts and gift cards
• And other Perks & Benefits including discounts on computer software and hardware, cell phone plans, and rental cars

Other compensation depending on role, contributions, and performance may include:

• Discretionary bonuses
• Tiered sales commissions and/or incentives (from 5-25% of employee's monthly sales)
• Employee referral bonuses
• Shift differential pay

Equal Employment Opportunity:

At PEMCO, we celebrate and support our differences. We know employing a team rich in diverse thoughts, experiences, and opinions allows our employees, our products and our community to flourish. PEMCO is honored to be an equal opportunity workplace. We are dedicated to equal employment opportunities regardless of race, color, ancestry, religion, sex, national orientation, age, citizenship, marital status, disability, gender identity, sexual orientation, or veteran status.

Applicants have rights under Federal Employment Laws:

• Family and Medical Leave Act (FMLA)
• Equal Employment Opportunity (EEO)
• Employee Polygraph Protection Act (EPPA)