Security Engineer
We are seeking a highly skilled and motivated Security Engineer to join our dynamic IT Security team. This role will focus on ensuring the security of our network infrastructure, managing AWS environments, and leveraging SIEM tools to detect, respond to, and prevent security incidents. The ideal candidate will have a strong background in network security, cloud security (AWS), and SIEM platforms.
Responsibilities:
Network Security
Collaborating with the Network Team:
- The Security Engineer will work closely with the Network team to ensure the security of the overall network infrastructure, focusing on specific security tools and practices like firewalls, WAF, and load balancing from a security perspective.
Key Areas of Focus:
- Firewalls: Ensuring proper firewall configurations, access control lists (ACLs), and VPN management to protect internal and external traffic.
- Web Application Firewall (WAF): Configuring, managing, and monitoring WAFs to prevent attacks like SQL injection and XSS, as well as fine-tuning rule sets for optimal performance.
- Load Balancers: Securing load balancing solutions by implementing SSL termination, DDoS protection, and encryption to maintain secure traffic distribution and high availability.
- Network Segmentation: Ensuring proper network segmentation, including isolating critical infrastructure and managing secure network zones.
AWS Security:
- Secure AWS infrastructure and services using best practices (e.g., IAM, VPC, encryption).
- Monitor and enforce security controls in AWS environments.
- Work with DevOps teams to ensure secure cloud architecture and deployment pipelines.
- Respond to and mitigate security incidents in the cloud environment.
SIEM (Security Information and Event Management):
- Implement and maintain SIEM solutions (e.g., Sumo, Splunk, ELK stack).
- Develop and fine-tune log collection and correlation rules for security event detection.
- Analyze and investigate security events and incidents using SIEM tools.
- Provide reports and insights on security trends and incidents.
Qualifications:
- Bachelor's degree in Computer Science, Information Security, or a related field.
- Minimum 3-5 years of experience in network security, cloud security (AWS), and SIEM platforms.
- Strong knowledge of AWS security tools and best practices.
- Experience with network security tools (firewalls, IDS/IPS, VPN, etc.).
- Hands-on experience with SIEM tools like Splunk, Elastic Stack, or others.
- Strong understanding of security protocols (e.g., TLS, VPN, IPsec).
- Familiarity with security compliance standards (e.g., ISO 27001, PCI-DSS).
- Industry certifications (e.g., CISSP, AWS Certified Security Specialty, CEH) are a plus.
Perks and Benefits
- 4 weeks accrued paid time off + 9 paid national holidays per year
- Free onsite gym at our Boston Location
- Tuition Reimbursement
- Low cost and excellent coverage health insurance options that start on Day 1 (medical, dental, vision)
- Robust health and wellness program and fitness reimbursements
- Auto and home insurance discounts
- Matching gift opportunities
- Annual 401(k) Employer Contribution (up to 7.5% of your base salary)
- Various Paid Family leave options including Paid Parental Leave
- Resources to promote Professional Development (LinkedIn Learning and licensure assistance)
- Convenient location directly across from South Station and Pre-Tax Commuter Benefits
About the Company
The Plymouth Rock Company and its affiliated group of companies write and manage over $2 billion in personal and commercial auto and homeowner's insurance throughout the Northeast and mid-Atlantic, where we have built an unparalleled reputation for service. We continuously invest in technology, our employees thrive in our empowering environment, and our customers are among the most loyal in the industry. The Plymouth Rock group of companies employs more than 1,900 people and is headquartered in Boston, Massachusetts. Plymouth Rock Assurance Corporation holds an A.M. Best rating of "A-/Excellent".