Security Engineer

| Greater Boston Area

Ahead of the Curve.
No one knows the road like Agero. For over 40 years, we have provided the safest, smartest solutions for drivers and the companies that keep them moving.
As a result, we have become an industry leader, providing vehicle manufacturers and insurance carriers with privately labeled state-of-the-art roadside assistance plans and efficient claims management solutions. Our Roadside Assistance network protects more than 75 million drivers each year, providing award-winning service that helps motorists in their time of need while building customer loyalty for our clients.
Headquartered in Medford, MA with operations throughout North America, we are trusted by more than 100 leading corporations and used by 75% of the new passenger vehicles sold in the U.S. As a result, we have more information about cars and drivers than any other company. We use that data to continually enrich our solutions, maximizing our customers' opportunities while minimizing driver distraction.

As a member of the Agero Security Team, this position is responsible for protecting data and information systems from unauthorized access, use, disclosure, disruption, modification or destruction; and protecting information and other valuable assets stored within facilities. This role covers systems that are located on premise or in the cloud and assists with developing network security to protect electronic information in transit over networks. The Security Engineer will be involved in a wide range of projects including developing methodologies requiring security best practices and use of industry standards, such as ISO 27001/2:2013, CIS, etc. Responsibilities include helping to maintain compliance to major governance and regulatory standards such as: PCI Data Security Standards, Massachusetts Data Protection Regulations, GDPR and other data protection standards. The Security Engineer will also work to ensure successful completion of vulnerability audits and assessments, as required.


KEY OUTCOMES

Strategy & Planning

  • Assist in developing and maintaining the enterprise’s security awareness training program.
  • Help create and maintain the enterprise’s security documentation (policies, standards, procedures and guidelines) in the corporate ISMS.

 

Deployment

  • Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attack and threat vectors.
  • Work as part of a team to select, test and acquire additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
  • Participate in the deployment, integration and initial configuration of new security solutions and enhancements to existing security solutions in accordance with best practices.


Operational Management

  • Ensure the confidentiality, integrity and availability of the data residing on or transmitted to or from enterprise systems, on premise or in the cloud.
  • Participate in all investigations into security events or incidents and provide communication to senior management.
  • Participate in designing and executing vulnerability assessments, penetration tests and security audits.
  • Engage in ongoing communications with peers in the DevOps, Engineering and Networking groups as well as the various business groups to ensure enterprise-wide understanding of security goals, and solicit feedback and foster co-operation.
  • Understanding of wired and wireless network security devices.

 

KNOWLEDGE, SKILLS AND ABILITIES:


EDUCATIONBachelor's degree in Engineering or Computer Science or equivalent combination of education and work experience. Any security certifications are a plus.


REQUIRED EXPERIENCE: 2 years information security or related engineering experience. Ability to work with the Engineering and Infrastructure teams in implementing security controls. Ability to articulate vulnerability and risk based on a technical security posture. Ability to support the development of system level plan of action and milestones.

2 years experience in:

  • Deployment, support of Security Devices including Web Application Firewalls, Intrusion Detection Systems, SIEM, third party tools, (URL filtering, Varonis, Tripwire);
  • Vulnerability assessments and penetration tests;
  • Ensuring compliance with security policies and procedures.
  • Measure, track and report the security vulnerability status of IT assets.
  • Experience with cloud environments and cloud security

DESIRED EXPERIENCE:

  • Experience with compliance with Payment Card Industry Standards (PCI or PCI DSS);
  • Familiarity with GDPR compliance


SKILLS: 

  • Demonstrated on-the-job experience assuring software applications adhere to continuous monitoring and compliance with security controls.
  • Knowledge and experience with key management.
  • Knowledge and practice utilizing role-based access control and certificates to authenticate end points, system processes, and users.
  • Experience and knowledge of penetration testing methodologies and tools.
  • Base knowledge of exploit techniques and hacker methodologies.
  • Demonstrated on-the-job experience writing and reviewing risk assessment and mitigation reports.
  • Ability to communicate security-related concepts to a broad range of technical and non-technical staff.
  • Base knowledge of IP based applications (WWW, SMTP, DNS, SNMP, etc.).
  • Base knowledge of protocol filtering, network security and packet level analysis tools to resolve network security problems.
  • Understanding of wired and wireless network security devices.
  • Any experience Verizon MSSP, Imperva, McAffee, Varonis, TripWire, Tufin, Websense, Ironport, Splunk, Netbrain, or Netwrix products a plus.


COMPLEXITY:Proven troubleshooting and problem solving skills. Base understanding of networking concepts and project management skills.

Read Full Job Description

Technology we use

  • Engineering
  • Product
  • Sales & Marketing
    • .NETLanguages
    • GolangLanguages
    • JavaLanguages
    • JavascriptLanguages
    • PerlLanguages
    • PythonLanguages
    • ScalaLanguages
    • D3JSLibraries
    • jQueryLibraries
    • jQuery UILibraries
    • ReactLibraries
    • Twitter BootstrapLibraries
    • Backbone.jsFrameworks
    • FlaskFrameworks
    • Node.jsFrameworks
    • Ruby on RailsFrameworks
    • MongoDBDatabases
    • PostgreSQLDatabases
    • RedisDatabases
    • SQLiteDatabases
    • Google AnalyticsAnalytics
    • OptimizelyAnalytics
    • IllustratorDesign
    • InVisionDesign
    • PhotoshopDesign
    • SketchDesign
    • Aha!Management
    • ConfluenceManagement
    • TrelloManagement
    • DrupalCMS
    • WordpressCMS
    • HubSpotCRM
    • Microsoft DynamicsCRM
    • SalesforceCRM
    • ZohoCRM

Location

We are located in Medford, MA, right at Wellington Station with close access to the MBTA, I-93, Assembly Row, and a stones throw away from Boston.

An Insider's view of Agero

What projects are you most excited about?

“We're passionate about making the roads safer with our Driver360 mobile platform. We’ve developed crash detection technology that helps people when they're most in need, and we're using billions of miles of driving data to study crash risk factors and find ways to help people avoid crashing in the first place.”

Michael

Sr Data Scientist, Business Intelligence

How does the company support your career growth?

Agero has provided me the opportunity to work on a number of different strategic, cross-functional projects.

Ashley

Manager, HR Initiatives

What's the biggest problem your team is solving?

Our Engineering/IT teams are moving to the Amazon AWS cloud, which involves a lift/shift for some applications as well as rewriting other applications to be more micro service orientated. This effort is a huge transformation which includes new roles, training and re-thinking how IT operates as a cloud service organization.

Karen

Director, DevOps

What are Agero Perks + Benefits

Health Insurance & Wellness Benefits
Dental Benefits
Vision Benefits
Health Insurance Benefits
Onsite Gym
Retirement & Stock Options Benefits
401(K)
401(K) Matching
Child Care & Parental Leave Benefits
Flexible Work Schedule
Vacation & Time Off Benefits
Unlimited Vacation Policy
Paid Volunteer Time
Perks & Discounts
Casual Dress
Commuter Benefits
Game Room
Happy Hours
Parking
Professional Development Benefits
Job Training & Conferences
Tuition Reimbursement
Lunch and learns
Whether it's personal development or for general education about our business, Learn at lunch is a big part of who we are!

Additional Perks + Benefits

We’ve got the benefits you’re use to and some you aren’t – including flexible health and dental care from your choice of doctors. We take care of the time off and allow you to make decisions about how much you want to carry over from year to year so you can recharge your batteries and achieve harmony both inside and outside of the workplace. How many places set you up with laptops and two monitors as standard fare? We’ve got more discounts and perks than you can count on 2 hands – and they are meaningful! Plus we offer a free subscription to the CC Motor Club.

More Jobs at Agero14 open jobs
All Jobs
Finance
Dev + Engineer
HR
Legal
Operations
Product
Project Mgmt
Sales
Developer
new
Boston
Developer
new
Boston
Operations
new
Boston
Developer
new
Boston
Developer
new
Boston
Sales
new
Boston
Finance
new
Boston
Developer
new
Boston
Product
new
Boston
Project Mgmt
new
Boston
Operations
new
Boston