Esurance Principal Security Engineer in San Francisco, California
Esurance is looking for a Principal Security Engineer to join a dynamic and award-winning team of individuals who are committed to making insurance smarter, easier, and dare we say- cooler. As part of a growing company that is focused on providing an outstanding customer experience, you’ll have the opportunity to expand your skills and discover your potential.
If you’re looking for a career at a socially conscious company that offers great benefits — including matching 401k and tuition reimbursement — then you may have just found your new home.
Esurance combines the spunk of a startup company with the backing of Allstate (the largest publicly held personal lines insurer in the U.S.) to create a unique, energized, and exciting place to work.
The Principal Security Engineer develops and maintains an information security strategy for Esurance and ensures information security is prioritized across the company for all applications and processes. The Principal Security Architect develops relationships with internal subject matter experts for all technical areas, and drives to integrate security into every area.
Develops and maintains an Information Security strategy.
Identifies security issues and risks, and develops mitigation plans.
Ensures information security is addressed as a business issue across the company and provides overall coordination and management of all security activities within the company.
Develops and maintains relationships with business partner organizations to understand their business requirements and offer security solutions.
Develops and implements a framework for security processes, roles, and responsibilities throughout the organization.
Participates in the system development cycle to ensure that security issues are taken into account and addressed early.
Defines information security training requirements for employees, contractors, partners, and other third parties as appropriate.
Monitors compliance with the organization's information security policies and procedures among employees, contractors, partners, and other third parties; resolves potential issues as needed.
Performs information security risk assessments.
Serves as a resource cross-functionally to share security insights and best practices with teams across the company.
Monitors changes in legislation and accreditation standards that affect the Information Security program.
Expert in the principles and techniques of security risk analysis and demonstrated understanding of the management issues involved in implementing security processes and a security-aware culture in a corporate environment
Hands on experience with broad range of information security technology (network, infrastructure, end-point, monitoring, vulnerability management, and application).
Excellent communications (verbal and written), change management skills and ability to operate effectively in a fast-paced environment
Experience with M&A and track record of rapidly integrating acquired businesses in a secure manner
Experience with security regulatory requirements for insurance industry as well as PCI DSS
Knowledge of SEI's CMMI (http:
//www.sei.cmu.edu/cmmi/) model for secure software development
Proven ability to effectively lead and meet business objectives in a highly global, collaborative and high performance work environment
Ability to influence others where there is no direct authority.
Background and style that elicits respect in the organization through management style, technical depth, customer service and results.
Strong business/relevant industry acumen with the ability to quickly articulate alternative methods to secure business that does not overly constrain the ability to be competitive in a rapidly changing business climate
Hands on leadership style and ability to balance the need to expand business into new markets and ensure appropriate security controls are in place.
Ability to ?roll up sleeves? and perform wide variety of information security tasks.
Excellent leadership skills and ability to lead organization through rapid change.
Experience / Education:
BS degree in computer science, engineering or related field required, MBA desirable
Certified Information Systems Security Professional (CISSP) and/or Certified Information Security Manager (CISM)
Minimum 9 years experience implementing security solutions and processes
Minimum 9 years experience with Network Security technologies
2+ years previous management role in information security organization
Physical Demands and Work Environment: Representative of those that must be met by an employee to successfully perform the essential functions of this job. Must be able to operate a PC and sit for extended periods of time. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential
At Esurance, being committed to our employees is not just something we say, it’s something we do. Our benefits package is designed to help our associates stay healthy, meet their long-term financial goals, and balance the demands of work and personal life. Esurance rewards hard work, dedication, and creativity with competitive salaries and a generous bonus system. We are committed to our employees and we are dedicated to creating a diverse, positive, innovative and team-oriented work environment.
Health & wellness
Medical, vision, and dental insurance
Life insurance (company-paid and supplemental)
Accidental death and dismemberment coverage
Wellness coaching and incentives
Group critical illness coverage
Accident indemnity and hospital indemnity plans
401(k) plan with annual matching contribution
Performance-rewarding bonus system
Tuition assistance program (up to $5,250 per year)
Health savings and flexible spending accounts
Family & Community
Buckle Up Baby program
Pet insurance discount
Charitable gift matching
Give Time, Get Time volunteer program
Employee Assistance Program
Long-term disability (employee-paid option)
Paid time off (holidays, vacation, personal choice days)
External Company Name: Esurance Insurance Services, Inc.
External Company URL: www.esurance.com