The Company  

At Utica National Insurance Group, 1,400 employees countrywide take our corporate promise to heart every day: To make people feel secure, appreciated, and respected.

Utica National Insurance Group is an "A" rated $1.5B award-winning, nationally recognized property & casualty insurance carrier.

Operating along the Eastern half of the United States, our Home Office is based in Central New York, with Regional Office locations including Buffalo, Boston, NYC, Atlanta, Dallas, Columbus, Richmond, and Chicago.

What you will do

Review proposed designs and implementation plans for new and existing IT solutions to verify that they adhere to current security standards and follow “secure by design” principles. Work extensively with both IT Architects and Developers from conception and design to implementation and post-deployment verification.  Perform initial and periodic subsequent security focused risk assessments to verify that third party’s that provide IT services and/or those which have access to or we share NPI with, have the minimum required security controls implemented sufficient to mitigate information and cyber security risks and ensure protection of company assets and information. Periodically review existing IT solutions; UNIG and third party solutions, including any interdependencies to ensure IT solutions remain secure ongoing via manual and automated penetration and code scanning tools to identify vulnerabilities in IT solutions.  Make recommendations to remediate or mitigate associated risks to the extent possible or to a risk level acceptable to the business. Participate in IT initiative planning, design, implementation, testing, execution, and verification sessions, as required.  Work closely with development teams to ensure that applications are coded according to standards and best practices and provide solid guidance to the teams. Provide guidance how to perform static and dynamic application security scanning, review results, and document recommendations for remediation.  Work closely with IT teams to provide remediation guidance, as required. Perform risk assessment testing to identify gaps and/or opportunities for improvement of security controls. Periodically review exceptions to security standards and provide guidance to teams to remediate the underlying reason for non-compliance with current standards. Additional Responsibilities: Identify opportunities to create use cases to configure application logging to SIEM to analyze activity, trends, alerts, etc.  Coordinate with SIEM administrator to configure requirements. Identify by inspection or scanning, IT assets that capture, process, transmit, or store NPI and provide details to IT Solutions Security Architect for tracking in IT asset inventory. Ensure appropriate logs are retained as required by the various cyber regulations. Periodically review exceptions to security standards and provide guidance to teams to remediate the underlying reason for non-compliance with current standards. As a security SME, this role may also be called upon to help respond to and/or investigate a cyber event or breach of information.  Performs other duties as assigned. Conforms with all corporate policies and procedures.

What you need

Education: Bachelor's Degree; Computer Science or information technology related discipline preferred. Experience: Hands on experience in IT with a minimum of 5 years in two or more of the following: software design/lifecycle, network administration, database administration, web development, secure code review, penetration testing, and vulnerability management. Demonstrated ability to provide solid security design and implementation guidance to development and project teams required.

Salary range: $104,435-$156,653

The final salary to be paid and position within the internal salary range is reflective of the employee’s work experience, their geographic location, education, certification(s), scope and responsibilities in the role, and additional qualifications.

Benefits                          

We believe strongly that talented people are core to our success and are attracted to companies that provide competitive pay, comprehensive benefits packages, career advancement and challenging work opportunities. We offer a Comprehensive Benefits Plan for full time employees that include the following:

Medical and Prescription Drug Benefit Dental Benefit Vision Benefit Life Insurance and Disability Benefits  401(k) Profit Sharing and Investment Plan (Includes annual Company financial contribution and discretionary Profit Sharing contribution based upon annual company financial results) Health Savings Account (HSA)  Flexible Spending Accounts  Tuition Assistance, Training, and Professional Designations Company-Paid Family Leave Adoption/Surrogacy Assistance Benefit Voluntary Benefits - Group Accident Insurance, Hospital Indemnity, Critical Illness, Legal, ID Theft Protection, Pet Insurance Student Loan Refinancing Services Care.com Membership with Back-up Care, Senior Solutions Business Travel Accident Insurance Matching Gifts program Paid Volunteer Day Employee Referral Award Program Wellness programs

Additional information

This position is a full time salaried, exempt (non overtime eligible) position.

Utica National is an Equal Opportunity Employer.

Apply now and find out what it’s like to be a part of an amazing team, thrive in an exciting environment and work for a company you can be proud of. Once you complete your application, you can monitor your status in the hiring process by logging into your profile. A representative from our Talent Acquisition team will be in touch regarding any change in your candidacy.