Information Security Engineer III jobs in United States
cer-icon
Apply on Employer Site
company-logo

ICW Group · 2 weeks ago

Information Security Engineer III

positionSan Diego, CA
timeFull-time
remoteOnsite
senioritySenior Level, Lead/Staff
money$122K/yr - $218K/yr
date8+ years exp

ICW Group is a well-established insurance carrier with over 50 years in business, focused on transforming the insurance experience. The Information Security Engineer III is responsible for designing secure architectures and developing cybersecurity strategies to monitor and defend against potential threats to the company's technology.

Financial ServicesInsurance
check
Growth OpportunitiesbadNo H1Bnote

Responsibilities

Monitors and defends information systems against unauthorized access, modifications and/or destruction
Monitors cloud, on-prem, and SaaS environments for security threats using SIEM, EDR, cloud-native logging, and network telemetry
Leads security incident response, including preparation, detection, analysis, containment, eradication, and recovery
Researches and implements methods to remediate network and application security vulnerabilities
Leads and participates in security architecture controls reporting, compliance audits, monthly and ad-hoc statistics and trends, and risk-focused reports including internal and 3rd party Risk Assessments
Utilizes automated tools to identify, assess, and report security concerns, with emphasis placed on effective communication to stakeholders. Takes an active lead to inform, advise, and partner with business units to help better secure operations
Conducts threat hunting and root-cause analysis to identify anomalous behavior, exploitation attempts, and indicators of compromise
Investigates potential data misuse, data exfiltration, and anomalous access patterns using logs, DLP, and monitoring tools
Leads and runs complex security related projects and resolves security related issues
Resolves complex security projects and issues. Develops a set of security standards to respond to and recover from a security breach
Uses advanced technologies including Intrusion Detection & Prevention Systems (IDS/IPS), Firewalls, SIEM, Antivirus, Network Packet Analyzers, Malware analysis and forensics tools to detect intrusions, breaches in compliance, etc
Prepares and analyses system security reports by collecting, analyzing, and summarizing data and trends and makes recommendations to improve security
Conducts threat modeling, secure design reviews, and application security assessments
Maintains operational security posture for an information system or program to ensure information system security policies, standards, and procedures are established and followed
Creates and updates technical security standards for assets and software
Serves as cyber security technical subject matter expert and trainer and primary resource for the organization
Provides information security expertise to system development teams throughout the life cycle process
Partners with Engineering, Infrastructure, Cloud, Data, and Operations teams to embed security into system design and delivery
Leads and conducts information security risk assessments including documenting processes, service level agreements and best practices
Develops the overall security design, development, testing and implementation of security solutions. Recommends compliance strategies that support customer requirements and alignment to company policy
Tracks and reports on security metrics, risk trends, and remediation progress for assigned initiatives
Collaborates with key stakeholders on remediation strategies and follow remediation activities through closure
Partners with project management and other internal teams in determining overall security solutions
Executes technical and process changes required to adopt, maintain, and adjust InfoSec controls as required to manage the company's risks and align with industry best practices
Works closely with Cloud Engineering to define secure deployment patterns, guardrails, and reusable security-approved architectures
Works with peers in other internal groups to drive technical security risk down in targeted areas
Takes end-to-end ownership of one or more security platforms, controls, or metrics, driving continuous improvement
Contributes to the continual enhancement of the IT security infrastructure program through governance, core processes, leading technology, and enhancement of team’s skill sets
Coaches and educates engineers and partners to improve early detection, secure design, and shared security ownership

Qualification

AWS Cloud SecurityIntrusion Detection SystemsSecurity Incident ResponseRisk AssessmentCybersecurity ExpertiseData Loss PreventionMalware AnalysisCommunication SkillsTeam CollaborationProblem Solving

Required

Bachelor's Degree required in Engineering, Cybersecurity, Networking, or Computer Science related discipline
Minimum 8 years of experience working in a security engineering related role designing secure networks, systems and application architectures or equivalent combination of education and experience required
Experience in cyber security role requiring knowledge of data analysis, risk assessment, risk mitigation, investigation methods, incident management concepts and practices, and policy and procedure development
Strong understanding of endpoint security solutions to include File Integrity Monitoring and Data Loss Prevention
Demonstrated experience as a lead engineer in the design, implementation and support in an enterprise IT environment
Ability to combine disparate skills and thinking to craft solutions and solve complex operational problems
Must be able to read, write and speak English effectively
Ability to effectively communicate/present technical information to a non-technical audience
Ability to cross train and share information with team members

Preferred

Minimum 3-5 years of experience in AWS Cloud Security services preferred
Direct experience using advanced technologies such as Intrusion Detection & Prevention Systems (IDS/IPS), Firewalls, SIEM, Antivirus software, Network Packet Analyzers, content filtering, Malware analysis and forensics tools to detect intrusions
Experience with AWS Services such as AWS Identity & Access Management, AWS Organizations, AWS Security HuB, Guard Duty, CloudTrail, AWS CloudTrail
Certification in GSEC, CISSP, and/or Security+ preferred
AWS Certified Security – Specialty, preferred

Benefits

Generous medical, dental, and vision plans
401K retirement plans and company match
Bonus potential for all positions
Paid Time Off with an accrual rate of 5.23 hours per pay period (equal to 17 days per year)
11 paid holidays throughout the calendar year
We’ll support you 100%

Company

ICW Group

twittertwittertwitter
Glassdoor4.0
company-logo
ICW Group Insurance Companies is a top-tier, national, multi-line Property & Casualty insurance company, providing comprehensive coverage to safeguard our customers’ world.
dateFounded in 1972
location
San Diego, California, USA
people-size1001-5000 employees
web-link
https://www.icwgroup.com

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Rob deViere
Vice President, Head of Distribution & Marketing
linkedin
leader-logo
Iva Yuan
Chief Actuary, Head of Reserving, Pricing and Product
linkedin

Recent News

PR Newswire
ICW Group Expands ICW Specialty with Alternative Risk Transfer; Appoints Travis Murnan to Lead New Capability
2026-01-16
PR Newswire
ICW Group Insurance Companies Names Lynn Moretti as Chief Claims Officer
2025-10-09
PR Newswire
ICW Group Names Jake Sokol Head of Excess Casualty for New Business Unit, ICW Specialty
2025-09-24
Company data provided by crunchbase