James River Management Company
Information Security Operations Analyst II (Information Technology)
James River Management Company, Raleigh, North Carolina, United States, 27601
Information Security Operations Analyst II (Information Technology)
Raleigh, NC, USA * Richmond, VA, USA * VirtualReq #132
Monday, August 12, 2024
Come grow with James River Insurance!James River Insurance is an excess and surplus lines segment of James River Group Holdings, Ltd. and operates on an approved non-admitted basis in 50 states and Washington, DC. Since 2003, James River has provided thousands of commercial property and casualty customers with innovative and creative solutions for particular insurance needs.At James River Insurance, we are committed to providing a stable and rewarding work environment supported by our Core Values and Guiding Principles: Integrity, Accountability, Innovation, Customer Service, Communication, and Teamwork. We are proud of our recent national recognition as a 2023, 2022, and 2021 Top Workplaces USA awards.James River Group Holdings, Ltd. is a Bermuda-based insurance holding company which owns and operates a group of specialty insurance and reinsurance companies. The Company operates in two specialty property and casualty insurance segments: Excess and Surplus Lines and Specialty Admitted Insurance. The Company tends to focus on accounts associated with small or medium-sized businesses in each of its segments. Each of the Company's regulated insurance subsidiaries are rated "A-" (Excellent) by A.M. Best Company.Job SummaryThe Information Security Operations Analyst II plays a crucial role in tactical efforts to ensure the security of company systems and data. This role includes a wide range of responsibilities, including threat intelligence, vulnerability management, incident response, as well as defensive control research and management. The Security Operations Analyst II will often partner with IT and business teams to drive cybersecurity improvements and act as an escalation resource for security analysis and incident handling. Additionally, they will maintain a high level of awareness of evolving technology and cybersecurity concerns in their pursuit to defend the company against emerging cyber threats.Duties and ResponsibilitiesContinually exhibit and uphold Core Values of Integrity, Accountability, Communication and Teamwork, Innovation and Customer ServiceContinuously monitor security alerts and events from various sources, including network and application services, endpoint and SIEM tools, etc. to identify potential security incidents and anomaliesInvestigate and analyze security incidents to determine their nature, scope, and impact, taking immediate action to contain, mitigate, and remediate security breaches to minimize damageStay informed about emerging cybersecurity threats, vulnerabilities, and attack techniques, using threat intelligence to proactively identify potential threats and vulnerabilities, and take measures to prevent themMaintain detailed records of security incidents, their causes, and the actions taken for analysis, reporting, and compliance purposes, generating and submitting reports to management and stakeholders, as necessaryManage and maintain security technologies, including SIEM systems, vulnerability management systems, endpoint and network security systemsMaintain awareness of information security best practices and communicate their applicability within the Information Security Office and IT organizationPartner with the Security Operations team and management to conduct security assessments to ensure that management, operational, and technical security controls are properly implemented and maintainedLead the refinement of security processes, procedures, and policiesSupport business units and staff, communicating applicable policies and standards, as well as escalating to Information Security management when appropriateConsult with various areas of the business as an information risk subject matter expertServe as a mentor and trainer for Information Security Operations Analyst I under the direction of managementServe as an escalation point by guiding and helping team members with project issues
Knowledge, Skills and AbilitiesIntermediate to advanced knowledge of foundational cybersecurity policy, compliance, and risk management principles, IT service management, the systems development lifecycle, and Agile methodologiesAbility to think laterally and innovatively while implementing security improvements that suit business risk toleranceMethodical, data-driven approach to security and risk analysisAbility to convey technical process information in a clear and concise mannerStrong desire for continuous improvementAbility to identify, recommend and implement innovative solutionsAbility to partner with senior team members to write policies, procedures, and assessmentsProactive and results-driven work ethicExcellent organizational skillsSolid written, verbal, and presentation skillsAbility to successfully prioritize and manage deadlinesAbility to effectively communicate with peers and senior staffAbility to organize complex information, pay close attention to detail and handle multiple tasksAbility to work successfully as an individual contributor and in a team environmentAbility to mentor others and lead project teams
Experience and EducationBachelor's Degree in related field (IT, IS, Computer Science or Engineering) or equivalent combination of education, training and relative experience requiredMinimum of four years of related experience (security operations, vulnerability management, incident response, etc.) requiredAdvanced certifications (CISSP, GSEC, CCSP, etc.) strongly preferred
#LI-CM1Other detailsJob FamilyInformation Technology
Job Sub FamilySecurity, Compliance & Operations
Pay TypeSalary
Required EducationBachelor's Degree
Job Start DateMonday, August 12, 2024
Apply Now
Share this job:
Raleigh, NC, USA * Richmond, VA, USA * VirtualReq #132
Monday, August 12, 2024
Come grow with James River Insurance!James River Insurance is an excess and surplus lines segment of James River Group Holdings, Ltd. and operates on an approved non-admitted basis in 50 states and Washington, DC. Since 2003, James River has provided thousands of commercial property and casualty customers with innovative and creative solutions for particular insurance needs.At James River Insurance, we are committed to providing a stable and rewarding work environment supported by our Core Values and Guiding Principles: Integrity, Accountability, Innovation, Customer Service, Communication, and Teamwork. We are proud of our recent national recognition as a 2023, 2022, and 2021 Top Workplaces USA awards.James River Group Holdings, Ltd. is a Bermuda-based insurance holding company which owns and operates a group of specialty insurance and reinsurance companies. The Company operates in two specialty property and casualty insurance segments: Excess and Surplus Lines and Specialty Admitted Insurance. The Company tends to focus on accounts associated with small or medium-sized businesses in each of its segments. Each of the Company's regulated insurance subsidiaries are rated "A-" (Excellent) by A.M. Best Company.Job SummaryThe Information Security Operations Analyst II plays a crucial role in tactical efforts to ensure the security of company systems and data. This role includes a wide range of responsibilities, including threat intelligence, vulnerability management, incident response, as well as defensive control research and management. The Security Operations Analyst II will often partner with IT and business teams to drive cybersecurity improvements and act as an escalation resource for security analysis and incident handling. Additionally, they will maintain a high level of awareness of evolving technology and cybersecurity concerns in their pursuit to defend the company against emerging cyber threats.Duties and ResponsibilitiesContinually exhibit and uphold Core Values of Integrity, Accountability, Communication and Teamwork, Innovation and Customer ServiceContinuously monitor security alerts and events from various sources, including network and application services, endpoint and SIEM tools, etc. to identify potential security incidents and anomaliesInvestigate and analyze security incidents to determine their nature, scope, and impact, taking immediate action to contain, mitigate, and remediate security breaches to minimize damageStay informed about emerging cybersecurity threats, vulnerabilities, and attack techniques, using threat intelligence to proactively identify potential threats and vulnerabilities, and take measures to prevent themMaintain detailed records of security incidents, their causes, and the actions taken for analysis, reporting, and compliance purposes, generating and submitting reports to management and stakeholders, as necessaryManage and maintain security technologies, including SIEM systems, vulnerability management systems, endpoint and network security systemsMaintain awareness of information security best practices and communicate their applicability within the Information Security Office and IT organizationPartner with the Security Operations team and management to conduct security assessments to ensure that management, operational, and technical security controls are properly implemented and maintainedLead the refinement of security processes, procedures, and policiesSupport business units and staff, communicating applicable policies and standards, as well as escalating to Information Security management when appropriateConsult with various areas of the business as an information risk subject matter expertServe as a mentor and trainer for Information Security Operations Analyst I under the direction of managementServe as an escalation point by guiding and helping team members with project issues
Knowledge, Skills and AbilitiesIntermediate to advanced knowledge of foundational cybersecurity policy, compliance, and risk management principles, IT service management, the systems development lifecycle, and Agile methodologiesAbility to think laterally and innovatively while implementing security improvements that suit business risk toleranceMethodical, data-driven approach to security and risk analysisAbility to convey technical process information in a clear and concise mannerStrong desire for continuous improvementAbility to identify, recommend and implement innovative solutionsAbility to partner with senior team members to write policies, procedures, and assessmentsProactive and results-driven work ethicExcellent organizational skillsSolid written, verbal, and presentation skillsAbility to successfully prioritize and manage deadlinesAbility to effectively communicate with peers and senior staffAbility to organize complex information, pay close attention to detail and handle multiple tasksAbility to work successfully as an individual contributor and in a team environmentAbility to mentor others and lead project teams
Experience and EducationBachelor's Degree in related field (IT, IS, Computer Science or Engineering) or equivalent combination of education, training and relative experience requiredMinimum of four years of related experience (security operations, vulnerability management, incident response, etc.) requiredAdvanced certifications (CISSP, GSEC, CCSP, etc.) strongly preferred
#LI-CM1Other detailsJob FamilyInformation Technology
Job Sub FamilySecurity, Compliance & Operations
Pay TypeSalary
Required EducationBachelor's Degree
Job Start DateMonday, August 12, 2024
Apply Now
Share this job: