Information Security Engineer - Corporate

Employee Type:  Full-Time

Chicago, IL, US, 60601

Job Type:  Information Technology
Secondary Location: 
Years of Experience: 
Position Summary:

The Information Security Engineer will report directly to the Director of Information Security and work on the front lines owning environment monitoring and incident response, threat and vulnerability management, application security, and building out and continuously improving our security posture. This may involve testing, log analysis, interacting with vendors and partners, automation and scripting, or systems administration tasks.

Essential Functions:

•    Work with the development teams to create and deploy application security policies and processes.
•    Assist development teams to design vulnerability remediation solutions. 
•    Responsible for security event handling and security incident response processes, including documenting standard operating procedures and protocols and automating common tasks.
•    Research, implement and administer security infrastructure as required, including intrusion protection, security-related firewall configurations, endpoint solutions, anti-phishing and SIEM tools, including tuning and custom alerts. 
•    Implement and document best-practice security procedures, standards, and guidelines.
•    Identify security exposures and develop mitigation plans.
•    Partner with other departments and business units to implement security solutions.
•    Advocate security awareness and teach secure behavior and methods.
•    Perform technical risk assessments, triage security testing results and manage security response actions.
•    Work closely with IT on the development of security metrics, assisting in compliance audits, and continuous security improvements.
•    Assist in compliance activates such as external audits from customers, regulatory compliance projects, and overall information security reviews.


•    Bachelor's degree in Computer Science/Engineering/Information Security.  
•    Minimum 5 years information security experience.
•    CISSP or comparable Information Security certification preferred.
•    Secure DevOps processes including secure code review, code testing, and production security testing.
•    Application vulnerability and web application protection solutions.
•    Experience with Palo Alto Next Gen firewalls
•    Server / workstation / mobile device security hardening.
•    Network and application vulnerability and penetration testing.
•    Strong written and oral communication skills are a must.
•    Experience working in a team-oriented, collaborative environment.
•    Proficiency in Microsoft Office including, but not limited to Outlook, Word, Excel.

Ryan Specialty Group is an Equal Opportunity Employer

Nearest Major Market: Chicago