Tokio Marine HCC is a leading specialty insurance group with offices in the United States, the United Kingdom, Spain and Ireland, transacting business in approximately 180 countries and underwriting more than 100 classes of specialty insurance. Tokio Marine HCC products and capabilities set the standard for the industry, and many of the Company’s almost 2,500 employees are industry-leading experts. We have an exciting opportunity for an IT Security Analyst in our Corporate Headquarters located in Houston, TX.
Under supervision, monitor, evaluate, and maintain systems and procedures to protect the confidentiality, integrity and availability of information assets.
The IT Security Analyst participates in the identification, tracking, and monitoring of information security threats and service operations. Analyst utilizes established processes and tools to focus on threat identification, analysis, and remediation. Analyst supports the processes for technical risk management to protect information assets.
- Assists with security-related software and firmware (e.g., endpoint, vulnerability scanners, firewalls, IPS/IDS, DNS, proxy etc.) to maintain security and service continuity.
- Assists in the daily operation of SIEM technology, including event review and remediation efforts as well as recommendations to management for improvement.
- Assists in the development and implementation of security policies and procedures (e.g., user log-on and authentication rules, security breach escalation procedures, security auditing procedures and use of firewalls and encryption routines).
- Enforces security policies and procedures by administering and monitoring security profiles, reviews security violation reports and investigates possible security exceptions, updates and maintains and documents security controls.
- Assists with investigations of security events (e.g., unauthorized access, non-compliance with company policies, fraud, service exploitation, etc.) to determine malfunctions, breaches, and remediation steps.
- Responds to service issues to support resolution and minimize downtime.
- Involved in the evaluation of products to enhance productivity and effectiveness.
Position Knowledge, Skills, and Requirements:
- BS degree in the field of computer science / information systems or a related field or the equivalent education and/or experience and/or cyber security training.
- Security certification CISSP, SANS, etc. is preferred.
- Three or more years of information security related experience, in areas such as: security operations, incident analysis, incident handling, vulnerability management, system patching, log analysis, intrusion detection, or firewall administration.
- Demonstrates basic understanding of SIEM technologies, including analyst operation of SIEM within SOC functionality.
- Demonstrates fundamental understanding of system and network security principles and technology.
- Demonstrates fundamental understanding of Networking – TCP/IP and other protocols. Common network device functions, such as routers, switches, hubs, etc.
- Demonstrates fundamental understanding of common security device functions, such as IDS/IPS, Network and Host-based firewalls, DLP, encryption, endpoint
- Able to work collaboratively during an incident from possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, worms, Trojans, viruses, etc.
- Demonstrates understanding of Log file analysis and correlation
- Demonstrates understanding of relevant terminology, such as: threat, vulnerability, risk, asset, exposure, safeguards, etc.
- Demonstrates fundamental understanding of risk, IT and security controls, compliance, authentication, authorization, and accountability.
- Willingness and aptitude to develop in-depth knowledge of network and endpoint security technologies and products and continuously improve these skills.
- Solid written and verbal communication skills with an emphasis on confidentiality, tact, and diplomacy. Able to articulate technical processes, both oral and written, to different audiences and varying levels of complexity.
- Demonstrates time management skills and the ability to prioritize work in a highly dynamic environment.
- Intermediate familiarity with Microsoft Windows Server and Client technologies in an enterprise deployment. Basic familiarity with operating in Linux operating systems.
- Stay abreast of industry changes, legal updates and technical developments related to applicable area of the Company’s business to proactively respond to changing business environment.
Tokio Marine HCC group of companies offers a competitive salary and employee benefit package. We are a successful, dynamic organization experiencing rapid growth and are seeking energetic and confident individuals to join our team of professionals. The Tokio Marine HCC group of companies is an equal-opportunity employer. Please visit www.tmhcc.com for more information about our companies.