Cybersecurity Engineer, Lead

. Cybersecurity Engineer, Lead page is loaded## Cybersecurity Engineer, Lead remote type:
Hybrid Working locations:
Chicago, ILtime type:
Full time posted on:
Posted Yesterday job requisition :
JR101818

Established in 2021,
** Independence Pet Holdings
** is a corporate holding company that manages a diverse and broad portfolio of modern pet health brands and services, including insurance, pet education, lost recovery services, and more throughout North America. We believe pet insurance is more than a financial product and build solutions to simplify the pet parenting journey and help improve the well-being of pets. As a leading authority in the pet category, we operate with a full stack of resources, capital, and services to support pet parents.

Our multi-brand and omni-channel approach include our own insurance carrier, insurance brands and partner brands. We are seeking a talented and experienced Lead Cybersecurity Engineer to join our team, reporting directly to the Head of Cyber Security Engineering. This role involves implementing and managing strong cloud security standards, such as vulnerability scanning, endpoint protection, email security, and network security. This role will support our unified enterprise security system across multiple Operating Companies as well as manage the security transformation of some legacy systems into the unified system.

The ideal candidate will have a deep understanding of network protocols, operating systems, security principles, and strong communication and problem-solving skills. In addition, relevant cybersecurity certifications, familiarity with security frameworks, and advanced working knowledge of Microsoft Azure and 365 security features are required.

Responsibilities:
* Collaborate with the Security Engineering team to implement, configure, and enforce robust security solutions across cloud and legacy environments based on the enterprise security architectures, CIS Benchmarks, Microsoft security baselines, and internal company policy requirements.
* Manage the security of and enforce proper data governance rules across collaboration and email tools.
* Effectively manage vulnerability scans, perform security assessments of applications and systems, and collaborate with IT teams to effectively resolve vulnerability findings in a timely manner.
* Manage, configure, and optimize key cybersecurity tools and technologies such as SIEM, threat intelligence, and cloud security platforms, and develop automations and integrations between systems to improve visibility and response efficiency.
* Collaborate with Dev Ops and Engineering teams to integrate security measures into the CI/CD pipeline, promoting the principles of Dev Sec Ops  to ensure secure application development and deployment.
* Contribute to the development and testing of disaster recovery procedures that meet business and compliance needs.
* Support and implement the enforcement of data privacy requirements and regulations, as needed.
* Support identity and access security initiatives with conditional access, MFA, PIM, and just-in-time access across Entra , Active Directory, and/or Ping Identity to uphold least-privilege principles.
* Maintain professional security documentation such as diagrams, data flows, and procedures.
* Participate in audits, assessments, and continuous improvement activities to define, measure, visualize, and improve key cybersecurity metrics.
* Stay current with emerging cybersecurity trends, tools, and technologies to ensure the organization's security capabilities remain effective and up to date.

Requirements:
* Bachelor's degree in Computer Science, Information Technology, or related field, or significant experience of 5-8 years in the field of cybersecurity within financial services and insurance verticals.
* At least 5 years of experience in cybersecurity engineering, security architecture, or infrastructure protection, with primary experience in enterprise Microsoft environments.
* Relevant certifications such as CISSP, CEH, CISM, or GIAC is highly desirable.
* Practical knowledge of security frameworks, standards, and best practices (e.g., NIST, ISO, CIS, OWASP).
* Hands-on experience with Microsoft security technologies such as Defender for Cloud, Defender for Endpoints, XDR, Sentinel, and Purview, with a deep understanding of Azure and Microsoft 365 security architecture. AWS and GCP similar expertise are a plus.
* Strong experience with common security tools and technologies, such as firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM systems, email security & data loss prevention (DLP) tools, cloud security tools, endpoint protection, encryption, and vulnerability scanners.
* Experience supporting regulatory and compliance programs such as NYDFS Part 500, PCI DSS, HIPAA, and SOC 2 through control implementation, evidence collection, and audit readiness.
* Experience with Dev Sec Ops  and understanding of security considerations in Dev Ops environments, including familiarity with…