Great American Insurance Group

Be Here. Be Great. Working for a leader in the insurance industry means opportunity for you. Great American Insurance Group's member companies are subsidiaries of American Financial Group. We combine a "small company" culture where your ideas will be heard with "big company" expertise to help you succeed. With over 30 specialty and property and casualty operations, there are always opportunities here to learn and grow.

At Great American, we value diversity and recognize the benefits gained when people from different cultures, backgrounds and experiences work collaboratively to achieve business results. We are intentionally focused on fostering an inclusive culture and know valuing diversity is an essential leadership quality. Our goal is to create a workplace where all employees feel included, empowered and enabled to perform at their best.

The mission of the Enterprise Information Security Group (EISG) is to protect the confidentiality, integrity, and availability of the enterprise information assets. The program strives to maintain effective information security practices in support of and partnering with business units and the mission of the Company. The goal of the Enterprise Information Security Group is to mitigate unacceptable risks to key business and customer information through the implementation of security controls, baseline security standards, awareness, and management oversight.

EISG is accountable to work with all business units to assist in mitigating information security risk to an acceptable level across the enterprise. They are the central point of contact for all information security incidents and centrally mange key security services based on enterprise risk exposure. Information Security in not one group's responsibility. Each and every employee plays a role in the Company's security profile. EISG will be accountable to educate and train employees on the role they play in the enterprise program. 

EISG is looking for a Platform Security Engineer to join their team. This individual will ideally work a hybrid schedule out of the Cincinnati office.

Overview:

This position is a new role within the Enterprise Information Security Group (EISG) and is expected to provide technical expertise in our platform security program at American Financial Group. This is an advanced role within the team and will be a key resource in assuring the secure posture of numerous platforms. The successful candidate will possess advanced administrative and troubleshooting skills, and be knowledgeable about architecture, engineering and design policies and principles. 

Along with security leadership and security architecture this role will continually assess the threat landscape and adapt quickly to protect the business from risk. They must be highly technical and possess at least 5-7 years’ experience in security and system administration across a wide variety of local / cloud infrastructures and platforms, including software as a service (SaaS), infrastructure as a service (IaaS), and platform as a service (PaaS), as well as Kubernetes. This role will interface often with other business units and require strong listening and communication skills.

Primary Job Responsibilities will include:

• Develop and maintain secure platform security policies in our Cloud Security Posture Management tool.
• Help develop rich vulnerability and remediation strategies for platform security incidents.
• Protect key infrastructure in compliance with privacy, security, business resiliency, and compliance frameworks as defined.
• Conduct rigorous oversight of security systems and security configuration administration to reduce risk to enterprise systems and accounts.
• Work with key stakeholders to ensure proper best practices are being considered as key platforms are deployed.
• Document, formulate and enforce areas of security improvement that balance risk with business operations and do not diminish efficiencies or innovation.
• Build relationships with infrastructure and development groups to incorporate security principles into engineering design and deployments.
• Develop partnerships with IT production and engineering teams.
• Analyze and implement recommendations for security best practices and improvements to cloud infrastructure.
• Design and implement extensible and maintainable enterprise grade solutions using existing toolsets.
• Develop high-quality technical content including automation tools, reference architectures, and baselines to help our partners build on the work we deliver.
• Attend and fully engage in change and project management meetings.
• Mentor and invest in the development of team members.
• Performs other duties as assigned.

Qualifications:

• College degree in technology / sciences or equivalent work experience.
• Minimum 5 years’ experience with emphasis on cloud security and system administration.
• Deep understanding of network security best practices, including securely establishing connections to on-prem and cloud resources based on a zero-trust model. Hands on experience with network traffic analysis using tools including wireshark, tcpdump, and netflow data.
• An in-depth knowledge of network protocols.
• Proficient with scripting in languages such as Python and PowerShell.
• Proficiency in Wiz.io toolset.
• Strong experience with Kubernetes architecture and security.
• Detailed understanding of interacting with APIs.
• Hands on experience with DevOps tools and practices, including CI/CD pipelines, containerization, and infrastructure as code (IaC).
• Understanding of NIST, OWASP, CIS, CVSS, the MITRE ATT&CK framework and the secure software development lifecycle.
• Experience with operations and security across Amazon Web Services (AWS) Microsoft Azure, and Kubernetes.
• CCSK, CCSP, CISSP or equivalent security credential preferred.
• Strong communication skills required.
• Collaborate across a wide audience of stakeholders regarding business objectives, priorities, and impact of proposed changes.
• Ability to think both strategically and tactically and be recognized as a thought leader within the security group.
• Experience with public cloud VM/Storage architectures such as EC2, S3 and EBS..
• Familiarity with DevOps tools such as Terraform, Nexus Repository Manager, Git/Stash, Jenkins, VMware vRealize Automation (or VCD), Packer, Vagrant, Docker, Sonar.
• Motivated Self-starter, problem solver.

Business Unit:

AFG Enterprise Information Security

Benefits:

Compensation varies by role, position level, and location. Individual pay is influenced by skills, education, training, certifications, experience, and the role's scope and complexity, along with business needs.

We offer a competitive Total Rewards package, including medical, dental, and vision plans starting on day one, PTO, paid holidays, commuter benefits, an employee stock purchase plan, education reimbursement, paid parental leave/adoption assistance, and a 401(k) plan with company match. These benefits are available to eligible full-time and part-time employees.

Your recruiter can provide more details about our total rewards and specific compensation ranges during the hiring process.