• Application Cyber Security Engineer

    Location US-OR-Portland
    Posted Date 1 week ago(12/4/2018 5:32 PM)
    # Positions
    Req #
  • Overview

    If you want to make a positive difference and stand out from the crowd, you’ll fit in at The Standard (www.standard.com). Through our retirement plans and insurance products and services, we help people achieve financial well-being and peace of mind. Come join us and share our passion for serving our customers in a positively different way.


    When you work at The Standard, you are part of a company that provides customers financial well-being and peace of mind. As a member of our IT team, you work side by side with the business, pursuing strategic opportunities for our company. It’s an exciting time with new products, new distribution channels and new customer needs that are driving big investments in technology. At The Standard, we are large enough for big opportunities and small enough for big impact.


    As an Application Embedded Cyber Risk Engineer, you will be working in a highly dynamic and agile environment, where you will be embedding yourself within the development teams and more closely integrating with business partners. You will be developing security within delivery pipeline by creating robust set of checks and balances which will lead to enhanced speed and security outcomes.


    • Builds interpersonal relationships with the many teams and individuals
    • Provide project teams
    • Provide technical inputs, system security controls, evaluate and recommend new and emerging security products and technologies, to support development and monitoring of on-prem and cloud based dynamic environments
    • Ensure that appropriate application security event logging is in place
    • Work with an agile developmental approach to achieve new software and releases
    • Works collaboratively with Infrastructure Engineering and Solution Development teams for a security risk assessment
    • Communicates residual risks to owners
    • Coordinates the creation of an executive risk summary
    • Helps with understanding the security perspectives of Agile/DevOps teams for workload and objectives on cloud platforms (AWS, Azure, private cloud), e-mail, data analytics, etc.
    • Assists with streamlining execution of security risk assessments and accuracy of output
      Handles requests for security risk assessments of given technology and other requests for the many aspects of enterprise cybersecurity
    • Conduct system configuration testing to verify that controls have been met
    • Mentor and train less experienced engineers, developers, and analysts



    • Eight to ten years of overall related experience
    • 3 to 5 years’ experience with cloud services and solutions
    • 3 to 5 years’ experience with automation solutions
    • 3 to 5 years’ experience with orchestration and integration solutions
    • 3 to 5 years’ experience with Information Security Standards and Frameworks (SANS, NIST, ISO, SOX, PII, etc.)
    • Knowledge of security and information protection risks associated with specific processes and technologies
    • Ability to conduct initial risk assessments
    • Working knowledge of AWS, Azure, and/or private cloud
    • Experience in configuration management (Salt, Puppet, Chef, etc), automation and orchestration
    • Background modern DevOps toolchains, and automation
    • Good understanding of and practical hands-on knowledge of networking fundamentals
    • Ability to work with others to solve challenging technical problems
    • Possess strong collaboration and communication skills


    • Requires a bachelor’s degree in Computer Science, Business Information Systems, or a comparative field
    • At least five years of information systems auditing, risk management, security analysis, or related work experience
    • Security, IT auditing, or risk analysis certification (e.g. FAIR, GIAC, ISACA, ISC2, CEH) a plus
    • Familiar with any of the following: Java, XML, HTML, JavaScript and RESTful design
    • Knowledge of industry best practice standards pertaining to Information Security, risk management, and data privacy
    • Knowledge of and experience with GRC tools required
    • Understanding of federal, state, and local regulations pertaining to Information Security and data privacy
    • Excellent written and oral communication skills required



    Standard Insurance Company, The Standard Life Insurance Company of New York, Standard Retirement Services, Inc., StanCorp Equities, Inc. and StanCorp Investment Advisers, Inc., marketed as The Standard, are Affirmative Action/Equal Opportunity employers. All qualified applicants will receive consideration for employment without regard to race, religion, color, sex, national origin, gender, sexual orientation, age, disability, or veteran status or any other condition protected by federal, state or local law. The Standard offers a drug and alcohol free work environment where possession, manufacture, transfer, offer, use of or being impaired by an illegal substance while on Standard property, or in other cases which the company believes might affect operations, safety or reputation of the company is prohibited. The Standard requires a criminal background investigation, drug test, employment, education and licensing verification as a condition of employment. All employees of The Standard must be bondable.


    For more information regarding your Equal Employment Opportunity applicant rights, click  here.


    Individuals with disabilities who need assistance or accommodation with the application process should contact HR Direct at 971-321-7871.  This number is only for the use of individuals with disabilities who need accommodation with the application process.  General inquiries about application status will not be addressed.


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed