Job Description

Are you looking to make an impactful difference in your work, yourself, and your community? Why settle for just a job when you can land a career? At ICW Group, we are hiring team members who are ready to use their skills, curiosity, and drive to be part of our journey as we strive to transform the insurance carrier space. We're proud to be in business for over 50 years, and its change agents like yourself that will help us continue to deliver our mission to create the best insurance experience possible.

Headquartered in San Diego with regional offices located throughout the United States, ICW Group has been named for ten consecutive years as a Top 50 performing P&C organization offering the stability of a large, profitable and growing company combined with a focus on all things people. It's our team members who make us an employer of choice and the vibrant company we are today. We strive to make both our internal and external communities better everyday! Learn more about why you want to be here!

PURPOSE OF THE JOB

The purpose of the Cloud Security Engineer III is to design secure architectures and develop cybersecurity approaches and techniques for the security of any cloud or SaaS solution. This position will assist with strategic initiatives for short and long-term plans to identify and reduce the attack surface across cloud, SaaS and on premises applications and systems, which may include support for AI/ML platforms such as data pipelines, model development environments, and model serving infrastructure.

This position is responsible for keeping the cloud and/or AI/ML platform infrastructure current, making recommendations, and participating in the implementation and continuous improvement of technologies and services in cloud-based and machine learning environments.

The position exists to monitor and defend ICW Group’s technology—which may include cloud platforms, SaaS solutions, and AI/ML systems—against potential threats that jeopardize the financial growth, data integrity, and security goals of the Company.

ESSENTIAL DUTIES AND RESPONSIBILITIES

Monitors and defends cloud-based information systems against unauthorized access, modifications and/or destruction.

• Monitors networks and systems for security breaches, using software that detects intrusions and anomalous system behavior and develops strategies to respond to and recover from a security breach.

• Leads security incident response, including preparation, detection, analysis, containment, eradication, and recovery.

• Researches and implements methods to remediate network and application security vulnerabilities.

• Leads and participates in security controls reporting, compliance audits, monthly and ad-hoc statistics and trends, and risk-focused reports including internal and 3rd party Risk Assessments.

• Utilizes automated tools to identify, assess, and report security concerns, with emphasis placed on effective communication to stakeholders. Takes an active lead to inform, advise, and partner with business units to help better secure operations.

• Provides management of cloud security solutions/platforms including access management and data protection, coordination of security services, and support during incident cases.

• Directs and influences multi-disciplinary teams in implementing and operating Cyber Security controls.

• Collaborates with internal teams to support implementation of security best practices.

• Collaborates with application developers and database administrators to deliver creative solutions to difficult cloud technology challenges and business requirements.

Leads and runs complex cloud security related projects and resolves security related issues.

• Resolves complex security projects and issues. Develops a set of security standards to respond to and recover from a security breach focused on cloud , SaaS and/or AI/ML systems.

• Provides support by proposing solutions, coordinating implementation, and enforcing information systems security policies, standards, and methodologies.

• Uses advanced technologies including Intrusion Detection & Prevention Systems, Lambda, CloudFront, CloudFormation, AWS Security Hub, S3, Batch, API Gateway, VPC, IAM, KMS, CloudWatch, CloudTrail, SFTP, DynamoDB and Config, etc.

• Prepares and analyzes system security reports by collecting, analyzing, and summarizing data and trends, systems usage and access patterns, and makes recommendations to improve security.

• Maintains cloud operational security posture to ensure information system security policies, standards, and procedures are established and followed.

• Creates and updates technical cloud security standards for assets and software.

• Provides subject matter expertise on cloud information security architecture and systems engineering to other IT and business teams.

• Executes security architectures for cloud cloud/hybrid systems.

Serves as cloud cyber security technical subject matter expert, trainer and a primary resource for the organization.

• Provides cloud information security expertise to system development teams throughout the development life cycle process.

• Partners with internal teams to ensure system design and implementation are consistent with company policies, requirements, and directives.

• Leads and conducts information security risk assessments including documenting processes, service level agreements and best practices.

• Develops the overall cloud security design, development, testing, and implementation of security solutions. Recommends compliance strategies that support customer requirements and alignment to company policy.

• Ensures cloud security quality, adherence to security guidelines/controls, profitability, and information security related metrics for self and assigned projects.

• Collaborates with key stakeholders on remediation strategies and follows remediation activities through closure.

• Provides support on Incident Response on security incidents and participates in the development of business cases and presentations on information security technologies of interest to the company.

• Counsels project teams, application owners, and other Information Security teams on cloud information or AI/ML security controls.

Partners with project management and other internal teams in determining overall security solutions.

• Executes technical and process changes required to adopt, maintain, and adjust security controls as required to manage the company's risks and align with industry best practices.

• Works with peers in other internal groups to drive technical security risk down in targeted areas.

• Takes end-to-end ownership of one or more security tools and metrics, driving risk down actively across the company.

• May support administration and monitoring of tools used for AI/ML environments.

• Contributes to the continual enhancement, understanding and adoption of the IT security practices through governance, core processes, leading technology, and enhancement of team’s skill sets.

• Coaches and educates others to increase early detection rates and decrease IT risk and security.

AI/ML RESPONSIBILITIES

• Assists in monitoring AI/ML platforms for anomalous behavior such as unusual model access patterns, unexpected data usage, or irregular inference activity.

• Assists in identifying and remediating vulnerabilities in AI/ML pipelines, including insecure configurations and access control gaps.

• Collaborates with data scientists and ML engineers to help implement secure AI/ML solutions aligned with business requirements.

• Gains familiarity with ML platform tooling (e.g., model registries, pipeline orchestration tools) and applies security best practices to their use.

• Develops foundational knowledge of AI/ML security concepts and contributes to team knowledge sharing.

• Supports implementation of security controls for AI/ML systems and related infrastructure.

• Develops awareness of emerging AI/ML security risks and communicates relevant observations to the team.

• Shares knowledge and learns from senior engineers regarding AI/ML security practices.

SUPERVISORY RESPONSIBILITIES

This position has no supervisory responsibility but may mentor and train junior engineers.

EDUCATION AND EXPERIENCE

• Bachelor's Degree required in Engineering, Cybersecurity, Networking, Computer Science, Data Science, or related field.

• Minimum 8 years of experience working in a security engineering related role designing secure networks, systems and application architectures or equivalent combination of education and experience required.

• Minimum 3-5 years of experience in AWS Cloud Security services required.

• Experience in cyber security role requiring knowledge of data analysis, risk assessment, risk mitigation, investigation methods, incident management concepts and practices, and policy and procedure development.

• Exposure to or experience with AI/ML platforms, data pipelines, or analytics environments preferred.

• Basic understanding of ML lifecycle concepts and data handling practices preferred.

CERTIFICATES, LICENSES, REGISTRATIONS

• Certification in GSEC, CISSP, and/or Security+ preferred.

• AWS Certified Security – required.

• AWS Developer or Solutions Architect Associate - Security Emphasis preferred.

• AI/ML or data-related certifications are a plus but not required.

KNOWLEDGE AND SKILLS

• Direct experience using advanced technologies such as Intrusion Detection & Prevention Systems (IDS/IPS), Firewalls, SIEM, Antivirus software, Network Packet Analyzers, content filtering, Malware analysis and forensics tools to detect intrusions.

• Experience with AWS Services such as AWS Identity & Access Management, AWS Organizations, AWS Security HuB, Guard Duty, CloudTrail, AWS CloudTrail.

• Knowledge of risk assessment tools, technologies, and methodologies.

• Knowledge of disaster recovery, computer forensic tools, technologies, and methods. Knowledge of enterprise security platforms.

• Ability to communicate network security issues to peers and management.

• Strong understanding of endpoint security solutions to include File Integrity Monitoring and Data Loss Prevention.

• Demonstrated experience as a lead engineer in the design, implementation and support in an enterprise IT environment.

• Ability to hypothesize on root cause of inefficiencies and then test out probable solutions against those hypotheses.

• Must be able to read, write and speak English effectively.

• Ability to effectively communicate/present technical information to a non-technical audience.

• Ability to cross train and share information with team members.

• Basic understanding of AI/ML security concepts such as data protection, access control, and model usage risks.

• Familiarity with ML-related components such as data pipelines and model deployment environments is a plus.

• Willingness to learn model risk and AI governance concepts.

• Understanding of data privacy considerations in analytics and ML environments is a plus.

PHYSICAL REQUIREMENTS

Office environment – no specific or unusual physical or environmental demands and employees are regularly required to sit, walk, stand, talk, and hear. Employees are required to reach with hands and arms; stoop, kneel, crouch, or crawl. Employees must occasionally lift and/or move up to 30 pounds. Employees are required to have visual acuity and be capable of operating and viewing computers and other electronic devices for extended periods of time.

WORK ENVIRONMENT

This position operates in an office environment and requires the frequent use of a computer, telephone, copier, and other standard office equipment.

We are currently not offering employment sponsorship for this opportunity.

#LI-TM1

#LI-HYBRID

The current range for this position is

$121,624.81 - $217,710.99

This range is exclusive of fringe benefits and potential bonuses. If hired at ICW Group, your final base salary compensation will be determined by factors unique to each candidate, including experience, education and the location of the role and considers employees performing substantially similar work.

WHY JOIN ICW GROUP?

• Challenging work and the ability to make a difference

• You will have a voice and feel a sense of belonging

• We offer a competitive benefits package, with generous medical, dental, and vision plans as well as 401K retirement plans and company match

• Bonus potential for all positions

• Paid Time Off

• Paid holidays throughout the calendar year

• Want to continue learning? We’ll support you 100%

ICW Group is committed to creating a diverse environment and is proud to be an Equal Opportunity Employer. ICW Group will not discriminate against an applicant or employee on the basis of race, color, religion, national origin, ancestry, sex/gender, age, physical or mental disability, military or veteran status, genetic information, sexual orientation, gender identity, gender expression, marital status, or any other characteristic protected by applicable federal, state or local law.

___________________

Job Category

IT