
Information Security Team Lead Engineer

Ohio Farmers Insurance Company
United States, Ohio, Westfield Center
Mar 14, 2025

Job Summary:
As the Information Security Team Lead Engineer in our Security Operations Center (SOC), you will take a hands-on approach in designing, implementing, and maintaining the tools and infrastructure essential for safeguarding the organization's security posture. This pivotal role involves directly managing and enhancing system defenses, actively monitoring security events, leading incident response efforts, and developing enforcement frameworks against cybersecurity threats. You will serve as the technical subject matter expert and technical lead for the team, providing guidance and expertise to ensure the highest standards of security. As the expert resource, you will be the go-to person for complex technical issues and strategic security initiatives. By collaborating with cross-functional teams and conducting thorough risk assessments, you will both assess and strengthen security measures, ensuring compliance with industry regulations. Additionally, you will identify, mitigate, and counteract security risks in real time.

Job Responsibilities:



  • Lead the design, implementation, and management of comprehensive information security projects and initiatives within the Security Operations team, ensuring the confidentiality, integrity, and availability of information assets within the insurance company.
  • Act as Incident Commander: Report directly to the Security Operations Manager or Deputy CISO while leading the incident response process. Oversee the coordination of security measures, manage communications, ensure compliance with legal requirements, and handle documentation. Maintain a composed demeanor during crises and ensure resources are appropriately managed to secure the environment and facilitate continuous improvement.
  • Collaborate with leadership and the business to develop strategic roadmaps and plans, aligning business and security initiatives to effectively achieve organizational goals.
  • Develop, implement, and maintain robust security controls to protect company data and manage the security strategies, policies, and procedures to enhance cybersecurity readiness.
  • Lead and participate in incident response activities, including investigation, containment, and remediation of security incidents. Collaborate with internal teams and external stakeholders to minimize impact and prevent recurrence.
  • Serve as a subject matter expert (SME) for the design and maintenance of security monitoring and response solutions. Provide guidance to business areas, project teams, and vendors regarding the appropriate use of technology solutions.
  • Lead the delivery, implementation, and maintenance of SIEM and SOAR platforms to improve incident response capabilities and security operations.
  • Monitor security events and manage ongoing incident response efforts to ensure efficient threat detection, analysis, and containment.
  • Provide technical guidance and mentorship to junior security engineers and the SOC team, sharing expertise in secure architecture design, secure coding practices, vulnerability management, and daily operational strategies.
  • Engage with industry forums, security communities, and regulatory bodies to stay informed about emerging security threats and regulations, representing the company's interests and contributing to industry-wide security initiatives.
  • Architect and improve security systems by integrating new solutions and enhancing existing ones to ensure advanced protection against current and emerging threats.
  • Lead cybersecurity drills and training sessions to prepare the SOC team and the larger organization for high-pressure security incidents.
  • Collaborate with IT, network, and development teams to seamlessly integrate security practices across all technological domains of the organization.
  • Serve as the primary point of contact for all security-related activities within the SOC, providing expert consultation on security issues, preparing and reviewing security incident reports, and ensuring compliance with all relevant security standards.
  • Evaluate security tools and vendors and lead the procurement and implementation of selected solutions to enhance the organization's security infrastructure and readiness.
  • Proficiency in leveraging pre-trained AI models (e.g., OpenAI models) for security applications, integrating AI for threat intelligence and automated threat detection and response, data analytics for processing and analyzing security data, experience in deploying AI solutions within security frameworks, aligning AI tools with cybersecurity strategies, ensuring ethical use of AI in security contexts, and maintaining robust AI systems in secure environments.
  • Lead the collaboration between the Security Operations team and the Red Team to develop innovative and effective Purple Team exercises, enhancing our organization's threat detection and incident response capabilities.
  • Actively engage in internal groups such as Technical Advisory Boards (T-CAB), Communities of Practice, and cohorts to advocate for security best practices and drive a culture of security awareness across the organization.
  • Develop and maintain comprehensive dashboards and reports for key performance indicators (KPIs) such as Mean Time to Resolve (MTTR), Mean Time to Detect (MTTD), project milestones, and alert accuracy to support management's strategic decision-making.



Job Qualifications:



  • Bachelor's degree in Information Security, Computer Science, IT, or related field. Master's degree preferred.
  • 6-10 years of experience in Information Security, with at least 2 years in a lead role focused on Security Operations.
  • In-depth knowledge of data protection laws (GDPR, HIPAA) and security standards (ISO 27001, NIST).
  • At least 2 relevant certifications: CISSP, GMON, GCIH, or similar.
  • Expertise in incident response, security monitoring, and automation preferred.
  • Experience designing, implementing, and maintaining security monitoring solutions (QRadar, Sentinel, Elastic, Graylog) preferred.
  • Experience designing, implementing, and maintaining security automation solutions (Swimlane, Phantom, Tines, Torq) preferred.
  • Deep understanding of security logs, monitoring, and rule writing preferred.
  • Strong analytical, problem-solving, and management skills preferred.
  • Knowledge of security best practices and security solutions preferred.
  • Knowledge of network security best practices preferred.
  • Experience in a cloud-based environment (Azure and AWS) preferred.
  • Scripting and programming knowledge (PowerShell, Python, Golang, JavaScript) preferred.



Behavioral Competencies:



  • Cultivates Innovation
  • Collaborates and Communicates Effectively
  • Strategic Mindset
  • Decision Quality
  • Result Driven
  • Plans and Aligns
  • Manages Conflict and Complexity
  • Mentors and Develops Others


