• Infrastructure Cyber Security Engineer

    Location US-OR-Portland
    Posted Date 1 week ago(12/4/2018 5:31 PM)
    # Positions
    Req #
  • Overview

    If you want to make a positive difference and stand out from the crowd, you’ll fit in at The Standard (www.standard.com). Through our retirement plans and insurance products and services, we help people achieve financial well-being and peace of mind. Come join us and share our passion for serving our customers in a positively different way.


    When you work at The Standard, you are part of a company that provides customers financial well-being and peace of mind. As a member of our IT team, you work side by side with the business, pursuing strategic opportunities for our company. It’s an exciting time with new products, new distribution channels and new customer needs that are driving big investments in technology. At The Standard, we are large enough for big opportunities and small enough for big impact.


    As an Infrastructure Embedded Cyber Risk Engineer, you will be working in a highly dynamic and agile environment, where you will consult with project teams consisting of technical solution providers as well as various lines of our business.  You will be working to secure numerous aspects of our environment by creating robust set of checks and balances which will lead to enhanced speed and security outcomes.


    • Perform security assessments of large, complex internal IT projects based upon standard frameworks
    • Provide security related consultancy and proactively drive the security engineering with Solution Delivery and Engineering.
    • Provide analysis and recommendations for security risk handling processes.
    • Ensure that security awareness and issues are communicated effectively.
    • Work with engineering teams to review solution design and implementation of technical solutions.
    • Provide technical and operational security support to IT and Business Partners
    • Be an ambassador for the team to assist with the ongoing integration of the security team with other business units.
    • Leverage skills and experience to further evolve, mature, and improve organizations abilities through continuous improvement
      • Identify and resolve gaps in processes, procedures, and policies
      • Influence partners to integrate security best practices in daily activities
      • Further improve project engagement and professional relationships
      • Mentor and develop less experienced Engineers


    Requires a bachelor’s degree in Computer Science, Business Information Systems, or a comparative field


    Security, IT auditing, or risk analysis certification (e.g. FAIR, CEH, CISA, CISM, CRISC, CISSP) a plus


    Understanding of federal, state, and local regulations pertaining to Information Security and data privacy


    Excellent written and oral communication skills required


    Minimum of 8 or more years of relevant IT security experience, Information Security Analyst / Risk Assessor.  The experience must include the following skills and knowledge which may have been gained concurrently:

    • 3-6+ year(s) experience with performing security risk analysis and compliance assessments
    • 3-6+ year(s) experience with common security industry and audit standards, such as ISO 27001/27002, NIST 800 series, PCI-DSS, SOC1/SOC2
    • 3-6+ year(s) experience with developing Information Security policies, standards, guidelines and procedures
    • 3-6+ year(s) experience with leading incident response for security incidents.
    • 3-6+ year(s) experience with system security vulnerabilities, remediation techniques and application infrastructure hardening
    • 2-4+ year(s) experience with threat modeling and security methodologies.
    • 2-4+ years(s) experience authoring security related project deliverables such as System Security Plans (SSP).
    • 1-3 years(s) experience in the use of RSA Archer

    Knowledge of security and information protection risks associated with specific processes and technologies


    Ability to conduct risk assessments


    Working knowledge of AWS, Azure, and/or private cloud


    Good understanding of and practical hands-on knowledge of networking fundamentals


    Ability to work with others to solve challenging technical problems


    Possess strong collaboration and communication skills




    Standard Insurance Company, The Standard Life Insurance Company of New York, Standard Retirement Services, Inc., StanCorp Equities, Inc. and StanCorp Investment Advisers, Inc., marketed as The Standard, are Affirmative Action/Equal Opportunity employers. All qualified applicants will receive consideration for employment without regard to race, religion, color, sex, national origin, gender, sexual orientation, age, disability, or veteran status or any other condition protected by federal, state or local law. The Standard offers a drug and alcohol free work environment where possession, manufacture, transfer, offer, use of or being impaired by an illegal substance while on Standard property, or in other cases which the company believes might affect operations, safety or reputation of the company is prohibited. The Standard requires a criminal background investigation, drug test, employment, education and licensing verification as a condition of employment. All employees of The Standard must be bondable.


    For more information regarding your Equal Employment Opportunity applicant rights, click  here.


    Individuals with disabilities who need assistance or accommodation with the application process should contact HR Direct at 971-321-7871.  This number is only for the use of individuals with disabilities who need accommodation with the application process.  General inquiries about application status will not be addressed.


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed