Cyber Threat Operations and Engineering Specialist - CTOE
Johnston, Rhode Island
You’ll quickly learn that we’re not like other property insurance companies. We’re guided by the belief that most losses can be prevented. So we do everything we can to understand your business needs and reduce your risk.
What makes a successful Candidate at FM Global? Check out the traits we’re looking for and see if you have the right mix.
- Client/Customer Focus
- Decision Quality
- Collaboration and Teamwork
- Ensures Accountability
- Change Agent
- Communicates Effectively
Hear what our employees have to say about working at FM Global
employee since 2008
WHEN YOU'RE INVESTED IN SOLVING CHALLENGES, IT HELPS TO BE WITH A COMPANY THAT INVESTS IN YOUR SUCCESS.
My parents have always instilled in me the concept of working hard, having fun, thinking long term and planning for the future. FM Global is exciting, innovative and dynamic, and with so many professional opportunities here, it's also a company where you can spend your whole career and never get bored. I remember back during one of my initial interviews with FM Global, a manager shared that over 80% of the office staff had been with the company since they graduated college. That kind of longevity is one of the reasons I decided to work at FM Global. I'm proud to work for a company that invests in its employees and trains them to be the best. The willingness to learn is universal, the exposure to knowledge is infinite and the different career paths are endless. The opportunities to think long term don't get much broader.
See how FM Global and East Kentucky Power Cooperative partner to manage boiler and machinery risk.
FM Global Named One of America’s Best Employers by Forbes
Your financial goals are important to us, so we offer retirement programs that reflect local policy and custom.
Your time at FM Global should be valuable and enriching, with plenty of opportunities for skills development and career growth.
Eligible employees participate in an incentive plan based on the company achieving its annual financial goals.
More information about this job:
Overview - External:
FM Global is a leading property insurer of the world's largest businesses, providing more than one-third of FORTUNE 1000-size companies with engineering-based risk management and property insurance solutions. FM Global helps clients maintain continuity in their business operations by drawing upon state-of-the-art loss-prevention engineering and research; risk management skills and support services; tailored risk transfer capabilities; and superior financial strength. To do so, we rely on a dynamic, culturally diverse group of employees, working in more than 100 countries, in a variety of challenging roles.
Responsibilities - External:
FM Global is looking for an experienced and dedicated senior level cyber professional to complement and help lead our existing Cyber Threat Operations and Engineering Team (CTOE). The CTOE team is responsible for the selection, implementation, operation, maintenance, and growth of technology solutions intended to mitigate cyber security threats. These solutions range from network security technologies such as firewalls, URL filters, intrusion detection/prevention systems, advanced threat prevention technologies, and web application firewalls to server and endpoint solutions such as filesystem monitoring, filesystem encryption, vulnerability management and malware detection/prevention agents.
The successful candidate will be an experienced practitioner who has effectively developed security strategies, evaluated and selected technology solutions, and been responsible for the operation and integrity of a wide range of security controls. They should take pride in the quality of their work, and the effectiveness of the cyber security controls for which they are responsible.
Qualifications - External:
- Bachelor’s Degree in Information Security / Assurance, Computer Science, Information Technology, or a related discipline, or equivalent work experience or technical training with a non-related degree.
- One or more related certifications a plus (LPT, OSCP, GWAPT, GWEB, GCIA, GSNA, GCIH, CISSP, CEH, GPEN, GCED)
- Minimum of five (5) years of experience in information technology, security administration, business analysis, risk, audit, compliance, computer forensics, network perimeter security or other related discipline.
Skills and Abilities:
- Strong verbal and written communication skills.
- Solid Interpersonal skills.
- Ability to coordinate activities with team members and other stakeholders.
- Must have a strong work ethic, great time management skills and a positive attitude.
- Ability to work independently or on a team
- Ability to multi-task and change priorities with effective results.
- Proficiency with the Microsoft Office suite, with a heavy emphasis in Excel.PowerBI
- Experience working with vendors and resellers, handling vendor/reseller relationships, and bringing available resources to bear to solve problems or realize opportunities.
- Experience managing/leading projects and ability to produce any necessary artifacts.
- A strong understanding of cyber threats targeting enterprises, along with the tools, tactics, and procedures used by those threats
- Knowledge of computer network exploitation, computer network attack and computer network defense tools and techniques
- Strong knowledge of at least one of the following areas: operating systems, databases, systems, networks, application development.
- Strong knowledge of computer vulnerabilities, hacker methodologies and other threats.
- Experience with one or more of the following is preferred: ZScaler, Palo Alto, Cisco, F5, McAfee, Cylance, Bromium, Symantec, Varonis, Vormetric, Tenable, Rapid7, Mimecast, Proofpoint
- Possess strong technical security skills and comprehension of security and risk
- Demonstrated ability to looking for ways to improve relevant processes and controls to ensure best of breed, world class cybersecurity for the organization
- Network Security Practices: Planning, design, implementation, testing, and management
- Network architecture and protocols
- Conduct and lead Cybersecurity Projects, including:
- Participate in planning and implementation of information systems, including structure, process, and security.
- Must be able to effectively communicate security issues to technical teams as well as leadership
- Expected to maintain a deep understanding of current threat, vulnerabilities, attacks, countermeasures and how to respond effectively to them while providing training to the rest of the team on these items
- Able to develop meaningful metrics for security control effectiveness which enable the organization to make educated decisions based on risk and opportunity
- Knowledge of cloud IaaS services (AWS/Azure, etc.) and how to secure them
• Familiarity with common penetration testing and vulnerability assessment tools (nmap, Wireshark, Nessus, NeXpose, Kali, Metasploit, AppScan, WebInspect, Burp Suite Professional, Acunetix, Arachni, IronWASP) a plus