Apply on Employer Site

UFG Insurance · 1 day ago

Info Security Engineer

Cedar Rapids, IA

Full-time

Onsite

Senior Level

$103K/yr - $136K/yr

5+ years exp

UFG Insurance is currently hiring for an Information Security Engineer who will play a critical role in designing, implementing, and maintaining technical security controls that protect UFG’s systems, data, and infrastructure. The engineer will operate as a subject matter expert, collaborating with various teams to enforce security standards and ensure regulatory compliance.

Financial ServicesInsurance

H1B Sponsor Likely

Responsibilities

Serves as team subject matter expert in the regular review and analysis of security logs, system alerts, and network traffic to detect, investigate, and mitigate security threats and anomalies

Develop, implement, and refine incident response plans for rapid, effective cybersecurity event management

Create and implement high value detections unique to our enterprise environment

Leads and supports Information Technology team members with risk analysis of identified issues or events and perform investigations to uncover additional facts surrounding the event with limited direction

Review, analyze, triage, and respond to phishing submissions and alerts

Lead risk assessments, vulnerability scans, and remediation efforts across infrastructure and applications

Participate in disaster recovery and business continuity planning and testing

Operates as a senior member of a 24/7 on call team, responding to incidents and leading the team as necessary

Serve as subject matter expert in the administration of critical security and operational tools to ensure system operation and availability including firewalls, vulnerability management, deception technology, SIEM, EDR, SSO, PAM, CASB\SSE, and others as necessary

Provide Level 3 technical support and serve as subject matter expert in troubleshooting security team products

Design, develop, and implement new security solutions and system enhancements to address emerging threats and improve operational efficiency

Monitor, test, and continually improve security practices in place for network, system, applications, and operations management, providing guidance for junior team members in this role

Coordinate and lead vendor relationships regarding security system updates, and technical support

Identify opportunities to improve work processes and automate improvements to make them more effective and strengthen security measures

Collaborates with IT and business partners to ensure security is factored into the evaluation, selection, installation, and configuration of hardware, software, and infrastructure

Lead in-depth analysis of cyber threats—including malware, phishing campaigns, and other attack vectors—to identify patterns, indicators of compromise (IOCs), and adversary tactics, techniques, and procedures (TTPs)

Aggregate and evaluate threat intelligence from diverse sources such as open-source intelligence tools (OSINT) and commercial feeds to identify relevant and actionable insights for the organization

Collaborate closely with business and IT personnel in a complex information technology environment to support proactive threat identification, risk mitigation, and incident response efforts

Stay current with and remain knowledgeable about new threats. Analyze attacker tactics, techniques and procedures (TTPs) from security events across our network of security devices and end-user systems

Monitor emerging security threats and identify vulnerabilities in current or proposed systems and processes

Participate in the development and enforcement of IT security policies, standards, procedures, and compliance requirements

Conduct security audits and risk assessments to identify gaps, create unique solutions, and implement essential controls

Create, conduct, and maintain security audits to facilitate SOX compliance in coordination with both internal and external auditors

Create and administrate automation or manually input data as necessary to track, communicate, monitor, or improve Information Security team metrics and reports

Guide the development of Identity Access Management standard operating procedures, playbooks and runbooks

Lead the strategy, standards, processes and technologies for the Identity Access Management Program

Instruct junior team members in the design, implementation, and administration of solutions within the existing architecture including single sign on (SSO) and System for Cross-Domain Identity Management (SCIM) configurations for on-prem and SaaS applications, utilizing scripting and automation to create unique solutions when necessary

Collaborate with business and IT teams to identify gaps in and expand coverage of identity access management controls and capabilities

Design and guide application administrators to implement access controls

Lead the design, development and implementation of solutions to successfully integrate new identity management systems with existing architecture

Monitor information technology industry tools and trends for new technologies and make recommendations on their impact to the organization

Attend regular training events and keep skills sharp in the security industry and with specific UFG products

Maintain awareness of new attack methods and how they intersect with our security stack

Work with the entire team to stay abreast of the current state of information security practices

Qualification

Incident ResponseSecurity MonitoringVulnerability ManagementIdentity Access ManagementSecurity AdministrationThreat IntelligenceRisk AssessmentSaaS SecurityPowerShellPythonC#CollaborationCommunication

Required

Bachelor's degree in information technology, Computer Science, Management Information Systems, or equivalent combination of education and relevant enterprise-level experience

Minimum of five years of combined experience in IT administration with at least three years of direct security experience in conjunction with an IAT Level III certification

Minimum of seven years of combined experience in IT Administration with at least four years of direct security experience in conjunction with an IAT Level II certification

Minimum of eight years of experience in IT with at least five years of direct Security experience

Minimum of two years' experience securing SaaS based solutions

Working knowledge of PowerShell, Python, or C#

Preferred

Industry related certifications (Such as MCSE, CCNA, CISSP, or any GIAC)

Benefits

Annual incentive compensation

Medical, dental, vision & life insurance

Accident, critical Illness & short-term disability insurance

Retirement plans with employer contributions

Generous time-off program

Programs designed to support the employee well-being and financial security.

Company

UFG Insurance

The United Fire Group (UFG) companies join together to offer a range of property/casualty products.

Founded in 1946

Cedar Rapids, Iowa, USA

501-1000 employees

https://www.ufginsurance.com/

H1B Sponsorship

UFG Insurance has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2025 (1)

2024 (1)

2023 (3)

2021 (3)