SUMMARY
This role will work independently and be responsible for the daily operation and continuous tuning of Information Security systems to maintain and improve the overall security of the IT environment. The role will lead efforts to work across the lines of business to encourage their participation in sound security practices, risk management, and compliance. This role will regularly interact with members of IT, Legal, Finance, external partners and IT auditors. This role is part of the Information Security job family and will include opportunities for growth in areas such as; Information Security system design and architecture, cloud system security integrations, and secure application development initiatives.
WHY Jewelers Mutual:
We are a financially secure, exceptionally positioned, and intellectually curious company driven by our core values of Agility, Accountability and Relevancy! We continue to raise the tide of the jewelry industry we've served since 1913 through our innovative people, our unyielding customer commitment, and evolution of our products and services to be the most trusted advisor to all we serve.
With a generous benefits package, office locations throughout the United States, and a mantra of "making your mark today", consider evolving your career and shining bright with Jewelers Mutual Group!
Essential Duties and Responsibilities include the following. Other duties may be assigned.

• Be the primary escalation point for our vSOC and MDR service provider
• Own first level incident response; apply industry best practices on identifying security-related issues, work with other IT areas to establish and maintain effective procedures and controls, partake in off-hours support rotation
• Conduct daily Information Security log review and event analysis
• Research user reports related to security systems and make appropriate adjustments
  
  • Internet proxy policies
  • DLP policies
  • Email security policies
  • Phishing reports
• Quickly and transparently communicate issues and new risks while maintaining appropriate levels of discretion
• Ensure readiness for internal/external audits; test/evaluate information security administrative, technical, and physical controls and report findings
• Assist efforts in the development of IT security architecture, controls, processes, standards, policies and procedures that are aligned with enterprise policies, regulations, and industry best practiceAssist in measuring IT security through metrics and communication to stakeholders
• Develop, document, and maintain procedures for assigned information security systems
• Research information security best practices, vulnerability/exploit trends, & new information security technology
• Participate in technical and non-technical projects requiring information security oversight and to ensure policies, procedures and standards are met Advocate for compliance with security policies and associated, legal, and contractual requirements

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Qualifications

• Bachelor's degree from a four-year college or university (Preferred)
• Minimum 2 years of verifiable information security experience, preferably with (or combination of 2-5 years of IT system administration with a security focus)
• Knowledge of multiple computing platforms, including Windows, OSX, Linux, networks and endpoints
• Knowledge of multiple cloud computing platforms a plus
• Excellent verbal communication skills to effectively communicate information to technical and non-technical resources.
• Ability to manage information security projects (or initiatives) while maintaining high levels of quality and effectiveness.
• Inquisitive thought process and desire to understand the how's and why's of the environment
• Ability to influence others in support of Information Security programs
• Comfortable with working through ambiguity to clarify requirements and develop effective solutions
• Understanding of Information Security Best Practice and practical execution of security concepts
• Understanding of Cyber Security, US and International regulations, and ISO27K practices and principles
• Understanding of common technical, data, and security principles

Certificates, Licenses, Registrations
ISC2's CC or SSCP, CySA , Comp TIA Security , GIAC Security Essentials (GSEC) preferred
Physical Requirements

• Prolonged periods sitting at a desk and working on a computer.
• Occasionally required to stand; walk; use hands to finger, handle, or touch objects or controls; and talk or hear.