• Job Description

  Req#: R-103774

  The senior security assurance engineer will support, deliver, and lead many aspects associated with the offensive security strategy. This includes guidance on the design, implementation, development, and execution of solutions to maintain and improve the security posture of our environment. This role will require advanced understanding of all aspects of information security and information technology – including policies, standards, technical procedures/processes, and regulatory requirements. The solutions shall be designed to mitigate and/or reduce business exposure to information security threats.

  What will be my duties and responsibilities in this job?

  • Penetration Testing: Security Testing of applications and infrastructure from an adversary view.

  • Responsible Disclose: Managing the communication path with security researchers (AKA Ethical Hackers) to report cyber security issues to Assurant.

  • Bug Bounty: Work with upper tier security researchers to find cyber security issues at Assurant and provided compensation for notable findings uncovered via paid bounties.

  • Attack Surface Analysis: Discover critical misconfigurations, obsolete infrastructure, improve our security posture, and improve Assurant’s cyber security business rating.

  • Adversary Simulations: Use of adversary tradecraft to attempt to uncover attack paths that could be used to compromise critical controls and to test our resilience against various types of cyber-attacks.

  • Critical Controls Testing: Perform testing of critical controls as requested by Senior Management Team.

  What are the requirements needed for this position?

  • 7+ years of experience in the field of IT

  • 5+ years of experience in information security, security engineering, security event monitoring, incident response, eDiscovery forensic, infrastructure administration, or security administration

  • 2+ years of experience conducting penetration testing

  • Strong knowledge of security testing methods related to vulnerability management, ethical hacking, penetration testing, application code testing and offensive security best practices

  • Strong knowledge of Open Web Application Security Project (OWASP) top 10 vulnerabilities

  • Experience reading application code to locate possible issues and ability to create their own scripts in their preferred scripting language (HTML, Python, C#, etc.)

  • Strong knowledge of open-source offensive security tools (NMAP, RECON-NG, SQLMAP, C2 frameworks, etc.)

  • Experience with Burp Suite, Kali Linux, etc. are desired

  What other skills/experience would be helpful to have?

  • Bachelor’s degree (or higher) in Information Systems, Computer Science, Engineering, or related.

  • Active security certification desired or willingness to obtain.

    • CompTIA Security+

    • GIAC Security Essentials

    • Certified Security Analyst (ECSA)

    • Certified Ethical Hacker (CEH)

    • Certified Red Team Operator (CRTO)

    • Offensive Security Certified Professional (OSCP)

    • Certificated Information Systems Security Professional (CISSP)

  #AssurantProudJR

  #LI-Remote

  Pay Range:

  $84,100.00 - $140,500.00

  Any posted pay range considers a wide range of compensation factors, including candidate background, experience and work location, while also allowing for salary growth within the position.

  Expected application deadline is

  05/27/2024

  If date is blank then this is a pipeline requisition, and we will continue to collect applications on an ongoing basis.

  Helping People Thrive in a Connected World
  Connect with us. Bring us your best work and your brightest ideas. And we’ll bring you a place where you can thrive. Learn more at jobs.assurant.com .

  For U.S. benefit information, visit myassurantbenefits.com . For benefit information outside the U.S., please speak with your recruiter.

  What’s the culture like at Assurant?
  Our unique culture is a big reason why talented people choose Assurant. Named a Best/Great Place to Work in 13 countries and awarded the Fortune America’s Most Innovative Companies recognition in 2023, we bring together top talent around the world. Although we have a wide variety of skills and experiences, we share common characteristics that are uniquely Assurant. A passion for service. An ability to innovate in practical ways. And a willingness to take chances. We call our culture The Assurant Way .

  Company Overview
  Assurant is a leading global business services company that supports, protects, and connects major consumer purchases. A Fortune 500 company with a presence in 21 countries, Assurant supports the advancement of the connected world by partnering with the world’s leading brands to develop innovative solutions and deliver an enhanced customer experience through mobile device solutions, extended service contracts, vehicle protection services, renters insurance, lender-placed insurance products, and other specialty products.

  Equal Opportunity Statement
  Assurant is an Equal Employment Opportunity employer and does not use or consider race, color, religion, sex, national origin, age, disability, veteran status, sexual orientation, gender identity, or any other characteristic protected by federal, state, or local law in employment decisions.

• About the company

  Assurant, Inc. is a global provider of risk management products and services with headquarters in New York City. Its businesses provide a diverse set of specialty, niche-market insurance products in the property, casualty, extended device protection, and preneed insurance sectors.

Notice