Job Description:

Senior Security Engineer The Senior Security Engineer that will serve as a technical thought leader and hands-on senior contributor in the ongoing enhancement and monitoring of our Security Program for both AWS Cloud and on-prem. This individual will be responsible for installing and managing software security tools, analyzing metrics, and documenting any security issues discovered. Essential Functions and Responsibilities:Contributes to the development and maintenance of the information security strategyImplement, manage, and monitor security and auditing platforms including evaluation and deployment of new tools and techniques to better secure Plymouth Rock's infrastructure.Research, design, and advocate new technologies, architectures, and security productsAssist in the creation, maintenance, and execution of the security roadmap.Serve as the main point of contact with outside Managed Security Service Providers to ensure services are delivered effectively.Coordinate and perform security-related awareness campaigns and educational vestigate security incidents and other cyber security events. Apply security principles to networking, windows and desktop platforms, firewalls, IPSIDS devices and SIEM technologies.Fix detected vulnerabilities. Create and execute remediation plans for identified security threats to maintain a high-security standard.Research security enhancements and make recommendations. Stay up to date on information technology trends, news, and security standards. Qualifications and Education:Bachelor's degree in an Information Technology related majorSSCP, CompTIA Security+ or CISM preferred5+ years of combined experience working in information technology andor security Experience with information security in Cloud computing and SaaSIaaSPaaS models.Solid knowledge with AWS cloud security tools - Guard Duty, CloudTrail, Security Hub et al.Solid knowledge securing assets in AWS.Experience with implementing WAFs, Botnet protection and OWASP top 10 best practicesFamiliarity with microservice architectures and cloud-native technologiesAbility to meaningfully participate in code reviews and provide security guidance to software development teams.Familiarity with Continuous Integration and Continuous Delivery pipelines (CICD)Familiarity with product lines such as Veracode, Jenkins, Chef, PuppetExtensive experience configuring, deploying, and managing next gen endpoint protections, endpoint detectionresponse, secure web gateways and application firewallsExtensive knowledge of information technology operations, responsibilities, procedures to ensure adherence by all staff and make incremental improvements as neededExpert knowledge of and experience with application infrastructure components such as Windows Server, Active Directory, Group policy, SQL Server, IIS, VMWare and Tomcat.Experience with DLP, anti-virus and anti-malware. In-depth understanding of TCP IP, computer networking, routing and switching. Solid experience with firewall and intrusion detectionprevention protocols. Experience with Network protocols and packet analysis tools. Experience with Security Information and Event Management (SIEM). Understanding of IDS IPS, penetration and vulnerability testing.Ability to identify and mitigate vulnerabilities and explain how to avoid them. About the Company:The Plymouth Rock Company and its affiliated group of companies write and manage over $2.0 billion in personal and commercial auto and homeowner's insurance throughout the Northeast and mid-Atlantic, where we have built an unparalleled reputation for service. We continuously invest in technology, our employees thrive in our empowering environment, and our customers are among the most loyal in the industry. The Plymouth Rock group of companies employs more than 2,000 people and is headquartered in Boston, Massachusetts. Plymouth Rock Assurance Corporation holds an A.M. Best rating of "A-Excellent". #LI-DNI