Lead Information Security Operations Engineer

The Sr Information Security Operations Engineer will report to the Associate Director, Security Operations. The Sr Information Security Operations Engineer will be the individual responsible for security configurations and engineering for all information security systems, for on-premise and cloud-based security systems. This role will be responsible for the operational management of all Information Security systems. These systems include: Security Data Loss Prevention, Identity and Access Management, Authentication Platforms, Advanced Malware and Anti-Virus, Web Filter, Proxy, SIEM (Security Incident Event Manager), File Integrity Monitoring, IPS/IDS, Database Activity Monitoring, Threat Intelligence, Secure Configuration Management, and Network Security along with the direct security configuration aspects of VCenter, Citrix, Windows Active Directory, Exchange, and any other Information Systems.  

PRIMARY JOB RESPONSIBILITIES:  

• Primary responsibility will revolve around securing the organization's infrastructure by monitoring, triaging, and remediating security events, with a strong focus on enhancing our overall security posture 

• Actively support the Security Operations Center (SOC) by crafting advanced queries, alerts, leading incident response efforts, investigations, and digital forensics preservation activities 

• Experience with conducting information security investigations and responding to alerts from email security, endpoint protection, and SIEM tools 

• Contribute to the organization's security framework by designing incident response playbooks, organizational policies, and gap analysis documents 

• Proven track record of successfully implementing security automation solutions within corporate environments, with a strong focus on alert triage, incident response, patch management, and vulnerability management 

• Deep knowledge of cyber threats, vulnerabilities, and threat hunting processes 

• Knowledge of adversarial tactics and techniques 

• Experience with the management of endpoint protection, intrusion detection, security event monitors, email security, firewalls, and other security devices/tools 

• Ability to collect and analyze data to guide decision making 

• Knowledge of Data Loss Prevention (DLP) principles and administration of DLP tools and policies 

• Continuously advance your expertise and knowledge to be able to lead the team in handling security incidents and implementing best practices 

• Other duties as needed or required.  

JOB QUALIFICATIONS:  

Required:  

• BS and the equivalent of 5 years working in Information Security or equivalent 7 years of work experience, in a highly regulated environment, preferably in Healthcare or Fintech, in which there are demonstrated progressive levels of responsibility, experience, and leadership and hands-on experience with the implementation and configuration of security controls 

• Extensive experience with Identity and Access Management, Vulnerability Management, Database Security, Network Security, Active Directory, Patch Management, and Advanced Malware solutions 

• A deep knowledge of technical security assessments and evaluations, and how to lead them  

• Extensive working knowledge of Firewalls, Switches, Routers, Network Sensors, Endpoint Controls, Server Controls, and Data Loss Prevention is required 

• Knowledge of technical security assessments including NIST 800-53, HITRUST, PCI DSS 

• Security certifications preferred (CISSP, OSCP, CISM, GIAC)

• Knowledge of Python, Regex, PowerShell, SQL, JSON, and XML and at least some experience in an object-oriented programming language is desirable but not required 

• Excellent verbal and written communication skills 

• Effective organization, prioritization, negotiation and influencing skills 

PHYSICAL DEMANDS: 

• Incumbent must be able to communicate effectively.    

• Requires overall light physical effort (up to 25lbs.)  

• Manual dexterity and sitting is required in carrying out position own position responsibilities (i.e. use of personal computer).  

• Ability to travel or move about within and outside serviced facilities required.               

• Incumbent works primarily in either a private or shared office environment. 

Life is brighter when you work at Sun Life 
-
Excellent benefits and wellness programs to support the three pillars of your well-being – mental, physical and financial – including generous vacation and sick time, market-leading paid family, parental and adoption leave, a partially-paid sabbatical program, medical plans, company paid life and AD&D insurance as well as disability programs and more 
-
Retirement and Stock Purchase programs to help build and enhance your future financial security including a 401(k) plan with an employer-paid match as well as an employer-funded retirement account  
-
A flexible work environment with a friendly, caring, collaborative and inclusive culture  
-
Great Place to Work® Certified in Canada and the U.S.  
-
Named as a “Top 10” employer by the Boston Globe's “Top Places to Work” two years running 
  
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. 
  
If you are a California resident, the salary range for this position is: 
-
Southern region: $103,900 - $155,900 annually    
-
Central region: $109,600 - $164,400 annually   
-
Northern region: $ 117,100 - $175,700 annually    
 
If you are a Colorado resident, the salary range for this position is $99,200 $148,800 annually. 
  
If you are a New York resident, the salary range for this position is :$109,600 - $164,400 annually.  
 
If you are Washington resident, the salary range for this position is $117,100 - $175,700 annually. 
 
 
-
The full range minimum and maximum listed in the job posting is tied to the GCF level and job family.   
 
We consider various factors in determining actual pay including your skills, qualifications, and experience.  In addition to salary, this position is eligible for incentive awards based on individual and business performance as well as a broad range of competitive benefits. 
 
Sun Life Financial is a leading provider of group insurance benefits in the U.S., helping people protect what they love about their lives. More than just a name, Sun Life symbolizes our brand promise of making life brighter -for our customers, partners, and communities. Join our talented, diverse workforce and launch a rewarding career. Visit us at www.sunlife.com/us to learn more. 
 
At Sun Life we strive to create a flexible work environment where our employees are empowered to do their best work. Several flexible work options are available and can be discussed throughout the selection process depending on the role requirements and individual needs.  
 
#LI-remote