NCCI · 14 hours ago
Information Security Consultant
901 Peninsula Corp Cir, Boca Raton, FL 33487, USA
Full-time
Hybrid
Senior Level
6+ years expNCCI is a trusted source for workers compensation information, and they are seeking an Information Security Consultant to lead the design and integration of security operations solutions. The role involves providing technical security guidance, maintaining security standards, and developing strategies for cloud security and incident response.
Insurance
No H1B
Responsibilities
Partner with various IT teams to create and maintain applicable security standards primarily for cloud environments such as Azure, AWS, and OCI; and participate in other security disciplines such as IAM, vulnerability management, and IT systems (Networks, Windows, Linux, Database, Endpoint) Security
Maintain and implement incident handling plans as they relate to cloud incident response; participate in incident response activities and plan, coordinate, and perform security testing exercises such as pen testing and tabletop exercises, including cloud-based scenarios
Develop strategies to improve efficiencies using automation and orchestration solutions (ie: infrastructure-as-code and cloud security automation) to reduce manual work that can be done programmatically
Lead the creation and maintenance of documentation related to NCCI’s security framework, program, and standards where applicable to role, including cloud security architecture and control mappings
Qualification
Required
Bachelor's Degree
6+ years experience in an intermediate-level Information Security role with proven expertise in multiple aspects of security and IT operations, including securing cloud or hybrid environments
In lieu of the degree, additional work experience and/or trade school or applicable certifications would be acceptable
Certification in at least one of the following: CISSP, SANS GIAC, CEH, or vendor specific certifications related to security disciplines such as cloud (ie: AWS, Azure, or OCI security certifications)
Advanced knowledge of Information Security concepts, principles, and practices
Advanced knowledge of Cloud security across multiple disciplines including IAM, Workload Security, and Cloud Security Posture overall
Advanced knowledge of Security aspects for multiple operating systems, networking technologies, encryption technologies, and applications
Advanced knowledge of Network security technologies, such as Firewalls, VPN, IDS/IPS, etc
Advanced knowledge of Identity and Access Management, including Role Design, Campaign Design, Source System Integration, and cloud IAM services
Advanced knowledge of Continuous monitoring principles, including threat management, SIEM, File and Database Activity Monitoring, and Incident Response in both on-prem and cloud environments
Advanced knowledge of Multiple security domains inclusive of security management, access control systems and methodology, network security, cryptography, operations security, application and system development security, threat management, and incident response
Advanced knowledge of Security control frameworks, standards, governance, and security best practices as applied to cloud and hybrid architectures
Intermediate knowledge of Secure Coding principles
Intermediate knowledge of Scripting experience and programming language, such as PERL, Java, .NET, or scripting used for cloud automation (e.g., Python, PowerShell)
Proven ability to work independently with guidance in only the most complex situations
Proven ability to be agile in learning, seek to excel, be curious and adaptable
Proven ability to act as lead in managing security related projects and investigations including cloud security initiatives
Proven ability to maintain a high level of professionalism and confidentiality
Proven ability to work well under pressure
Proven ability to solve complex problems, analyze information, identify and assess risks, and make tactical and strategic recommendations
Excellent organizational, planning, written and verbal communication skills
Strong client-facing skills with ability to handle and lead conversations with large technically diverse teams
Organized, responsive, and highly thorough problem solver
Experience driving measurable improvement in security operations and risk reduction within the organization including cloud risk reduction
Excellent time management skills to aid in meeting specific goals and plans to prioritize, organize, and accomplish
Ability to be on-call and work outside of regular business hours as needed
An additional requirement for this role is the successful passing of a credit check review for the selected candidate
Preferred
Additional advanced information security related certifications from SANS GIAC (Global Information Assurance Certification); ISACA, ISC2, etc
Hands-on experience securing cloud environments such as OCI, Azure, and/or AWS, including logging, monitoring, IAM, workload security, cloud security posture and cloud network security
Benefits
Competitive starting base pay plus a targeted annual performance bonus
A phenomenal work environment, with perks including an onsite café, coffee shop, game room, fitness center, and employee activities and sports leagues to participate in
Fantastic benefits package and total rewards offerings
Company
NCCI
Founded in 1923, the mission of the National Council on Compensation Insurance (NCCI) is to foster a healthy workers compensation system.
501-1000 employees
Funding
Current Stage
Late StageLeadership Team
Michael Spears
Chief Operations Officer
Recent News
2025-01-16
Company data provided by crunchbase