Westfield - Seville, OH
posted about 2 months ago
The Information Data Security Lead Engineer will assist with technical leadership and supervision, being responsible for designing, implementing, and maintaining the organization's information security data security infrastructure. This role requires the identification and mitigation of security risks, the development and enforcement of security policies, and ensuring compliance with industry regulations. The position collaborates with cross-functional teams, assesses the security posture, conducts risk assessments, and implements effective security controls. Additionally, the role involves monitoring security events, investigating incidents, and providing recommendations for remediation. This position is crucial in safeguarding the confidentiality, integrity, and availability of sensitive information, contributing to the maintenance of a strong and resilient security posture within the company. The lead engineer will oversee the design, implementation, and management of comprehensive information security programs and initiatives within the insurance company, ensuring the confidentiality, integrity, and availability of information assets. They will conduct advanced security assessments, threat modeling, and risk analysis of the company's data infrastructure, systems, and applications, providing insights and recommendations for mitigating risks and strengthening security controls. The role also includes leading the development, implementation, and maintenance of robust security controls, data loss prevention systems, and encryption technologies to protect the company's data. In addition, the lead engineer will participate in incident response activities, including security incident investigation, containment, and remediation, collaborating with internal teams and external stakeholders to minimize the impact of security incidents and prevent recurrence. They will serve as a subject matter expert (SME) for leading the design, implementation, and maintenance of database monitoring solutions to business areas, project teams, and vendors to apply and execute appropriate use of technology solutions. The engineer will also lead the delivery of DLP program objectives, implement DLP controls, and define standards and policies. They will assess, report on, and make recommendations regarding current and proposed architectures, strategies, and systems in the DLP space, while collaborating with cross-functional teams to define and enforce information security policies, standards, and procedures, ensuring compliance with relevant regulations, industry frameworks, and best practices. Furthermore, the engineer will provide technical guidance and mentorship to junior security engineers, sharing expertise in areas such as secure architecture design, secure coding practices, and vulnerability management. Engaging with industry forums, security communities, and regulatory bodies to stay informed about emerging security threats and regulations will also be part of their responsibilities, representing the insurance company's interests and contributing to industry-wide security initiatives.