Company URL: https://www.berkleytechnologyservices.com/                                        

Berkley Technology Services (BTS) is the dynamic technology solution for W. R. Berkley Corporation, a Fortune 500 Commercial Lines Insurance Company. With key locations in Urbandale, IA and Wilmington, DE, BTS provides innovative and customer-focused IT solutions to the majority of WRBC’s 60+ operating units across the globe. BTS’s wide reach ensures that ideas and opinions are considered at every level of the organization to guarantee we find the best solutions possible.

Driven by a commitment to collaboration, BTS acts as consultants to our customers and Operating Units by providing comprehensive solutions that not only address the challenge at hand, but proactively plan for the “What’s Next” in our industry and beyond.

With a culture centered on innovation and entrepreneurial spirit, BTS stands as a community of technology leaders with eyes toward the future -- leaders who genuinely care about growing not only their team members, but themselves, and take pride in their employees who shine. BTS offers endless ways to get involved and have the chance to grow your career into a wide range of roles you'd never known existed. Come join us as we push forward into the future of industry leading technological solutions.

Berkley Technology Services: Right Team, Right Technology, Simple and Secure.

The Senior Information Security Engineer is responsible for implementing and managing a comprehensive security program to protect our organization’s data and systems from cyber threats.   They will work closely with other members of the IT team to ensure the security of our infrastructure, applications, and data. 

• Identify and define system security requirements across on‑premises, hybrid, and cloud environments, translating business and regulatory needs into actionable technical security controls and standards. (10%)
• Design security architectures and develop detailed cybersecurity designs for infrastructure, applications, and cloud services, including identity, network segmentation, logging, monitoring, and privileged access models. (5%)
• Prepare, maintain, and document standard operating procedures, technical standards, and security protocols, including cloud security baselines, privileged access workflows, and incident response runbooks. (10%)
• Configure, manage, and troubleshoot security infrastructure tools and platforms, including identity and access management, Privileged Access Management (PAM), cloud security services, and security monitoring solutions. (10%)
• Develop and engineer technical security solutions to mitigate risk and improve operational efficiency, with a strong focus on:
  • • Privileged Access Management (vaulting, session management, just‑in‑time access, secrets management)
    • Cloud security controls for IaaS, PaaS, and SaaS environments
    • Automation of repeatable security tasks using scripting, orchestration, and Infrastructure as Code
      (15%)
    • Collaborate closely with IT and Information Security teams (infrastructure, cloud, application, and DevOps) to ensure security controls are consistently implemented across systems, applications, data, and cloud platforms. (10%)
• Monitor emerging cybersecurity threats, attack techniques, and industry trends, assessing impact to the organization and recommending enhancements to tooling, architecture, and security posture. (5%)
• Provide technical guidance and hands-on support to IT teams on security best practices, secure design patterns, cloud security architecture, and privileged access controls. (10%)
• Prepare and present project status, risk updates, and security initiatives to leadership, clearly communicating technical concepts and risk-based recommendations. (5%)
• Lead and mentor junior security engineers, providing technical direction, design reviews, knowledge sharing, and support for skill development and career growth. (10%)
• Provide “Person in Charge” (PIC) coverage when on rotation, acting as the senior escalation point for complex security issues, incidents, and operational decisions. This responsibility is factored into base salary. (5%)

• 5 years experience as a Cloud Security Engineer, Information Security Engineer or Devsecops Engineer
• 5 years experience with network, cloud, and computer system security, including security mechanisms such as user access controls, role-based access control, SSO, file permissions, firewall policies, and audit logs.
• 5 years experience in security systems, including firewalls, intrusion detection systems, endpoint protection systems, web application firewalls, vulnerability scanning software, privilege access management, data loss protection, log management, content filtering.
• 5 years experience in developing and deploying security solutions to defend against advanced cyber threats
• 5 years experience in reviewing and monitoring security systems to ensure they are functioning properly and securely
• 5 years experience with investigating intrusion incidents, conducting investigations and handling security incidents.
• Bachelor’s degree in Computer Science, Information Security, Information Technology or related discipline
• CISSP, CISM, Azure Security Engineer or similar
• The Company is an equal employment opportunity employer.