IT Info Security Specialist

Division or Field Office:

Office of the CIO
Department of Position: Enterprise Info Security Dept
Work from:
Corporate Office, Erie PA Salary Range:
$77,638.00 - $124,019.00 *

salary range is for this level and may vary based on actual level of role hired for

*This range represents a national range and the actual salary will depend on several factors including the scope and complexity of the role and the skills, education, training, credentials, location, and experience of an applicant, as well as level of role for which the successful candidate is hired. Position may be eligible for an annual bonus payment.

At Erie Insurance, you're not just part of a Fortune 500 company; you're also a valued member of a diverse and inclusive team that includes more than 6,000 employees and over 13,000 independent agencies. Our Employees work in the Home Office complex located in Erie, PA, and in our Field Offices that span 12 states and the District of Columbia.

Benefits That Go Beyond The Basics

We strive to be Above all in Service to our customers-and to our employees. That's why Erie Insurance offers you an exceptional benefits package, including:

• Premier health, prescription, dental, and vision benefits for you and your dependents. Coverage begins your first day of work.
• Low contributions to medical and prescription premiums. We currently pay up to 97% of employees' monthly premium costs.
• Pension. We are one of only 13 Fortune 500 companies to offer a traditional pension plan. Full-time employees are vested after five years of service.
• 401(k) with up to 4% contribution match. The 401(k) is offered in addition to the pension.
• Paid time off. Paid vacation, personal days, sick days, bereavement days and parental leave.
• Career development. Including a tuition reimbursement program for higher education and industry designations.

Additional benefits that include company-paid basic life insurance; short-and long-term disability insurance; orthodontic coverage for children and adults; adoption assistance; fertility and infertility coverage; well-being programs; paid volunteer hours for service to your community; and dollar-for-dollar matching of your charitable gifts each year.

Position Summary

Working independently or as part of a team, contributes to the planning, implementation, and management of the Information Security program to safeguard ERIE's digital assets. Implements and maintains security systems and procedures to govern, identify, protect, detect, respond to, and recover from cybersecurity risks, threats, vulnerabilities, and incidents. Completes and may lead assignments of moderate complexity within the Information Security portfolio with minimal guidance. Performs duties in one or more of the following Information Security disciplines, including but not limited to: Application Security (AppSec); Cloud Security (CloudSec); Governance, Risk Management & Compliance (GRC); Identity & Access Management (IAM); Security Operations (SecOps), or Vulnerability Management.

The Hiring Manager will also consider candidates for the senior level. Level of position offered will be based upon the depth and breadth of selected candidate's experience and qualifications.

What you'll do:

This opportunity is for an Information Security Specialist and the focus will be to collaborate with multiple IT portfolios to understand the intersection of all planned work with information security principals. This will be accomplished through understanding of technical designs, product and vendor information, and product configuration in ERIEs application of the solution. The individual will work within an Agile team and collaborate with peers and leadership across the enterprise to ensure implementation of solutions with reduced risk.

Preferred Experience and Skills:

-Minimum 5 years of experience within one or more information Security disciplines

-Agile ways of working

-Strong communication skills

What Makes you stand out:

-Understanding of ERIE Infrastructure and Application environments

-Experience within multiple information Security disciplines

Duties and Responsibilities

• Installs, configures, administers, and analyzes information security technologies, controls, and practices that maintain the confidentiality, integrity, and availability of ERIE's information systems and data assets.
• Continuously detects, logs, monitors, alerts, and reports on information security controls, exceptions, vulnerabilities, threats, risks, and incidents. Executes actions to protect assets and detect vulnerabilities or threats. Executes actions to respond to and recover from vulnerabilities or threats.
• Develops and manages relationships with diverse groups of stakeholders at multiple levels. Partners and aligns with cross-functional risk assurance, IT, and business teams across the enterprise to implement, align, and ensure compliance with security measures.
• Establishes and ensures that security measures are in line with industry standards, best practices, and regulations. Measures and improves the operating rhythm of Information Security as well as the risk posture of ERIE. Advances Information Security controls through maturity assessments, continuous process and automation improvements, appropriate policies/standards/procedures, and capability development.
• Develops and presents reports, metrics, dashboards, and evidence to stakeholders across the enterprise up to and including leadership and corporate officers. Provides support to end-users on security-related issues. Effectively communicates to and influences stakeholders through oral and written communications.
• Provides discipline-specific knowledge in support of security awareness and outreach to ensure that information security best practices are understood and followed enterprise wide.
• Remains current on industry best practices, standards, frameworks, regulations, and emerging security threats through research, training, and participation in industry associations. Makes recommendations for improving the company's security posture. Shares recommendations, knowledge, and relevant content to inform, mentor, or trains others.

The first seven duties listed are the functions identified as essential to the job. Essential functions are those job duties that must be performed for the job to be accomplished.

This position description in no way states or implies that these are the only duties to be performed by the incumbent. Employees are required to follow any other job-related instruction and to perform any other duties as requested by their supervisor, or as become clear.

Capabilities

• Collaborates
• Cultivates Innovation
• Customer Focus
• Decision Quality
• Ensures Accountability
• Instills Trust
• Nimble Learning
• Optimizes Work Processes (IC)
• Self-Development
• Values Diversity

Qualifications

Minimum Education and Experience Requirements

• Bachelor's degree in relevant field and 2 years of related experience; or
• Associate degree in relevant field and 4 years of related experience; or
• High School diploma or equivalent and 6 years of related experience, required.
• Completion of a relevant IT-career preparation program approved by ERIE's Human Resources and IT Talent Optimization Departments if unrelated degree and/or less experience.
• Relevant certifications and/or military training/service may be considered for equivalent education/experience.

Additional Experience

• Foundational knowledge and skill associated with at least one Information Security discipline and in at least one IT domain (analysis, engineering, system administration), required.
• Experience with IT delivery or operational methodologies (agile delivery, SDLC, ITIL), preferred.
• Critical thinking skills and analytical mindset required.
• Persuasive communication and interpersonal skills, and ability to convey technical concepts to non-technical stakeholders, required.
• Ability to participate in on-call rotations and work outside of regular business hours to support cyber event and incident handling may be required.

Physical Requirements

• Ability to move over 50 lbs using lifting aide equipment; Rarely
• Climbing/accessing heights; Rarely
• Driving; Occasional (<20>
• Lifting/Moving 0-20 lbs; Occasional (<20>
• Lifting/Moving 20-50 lbs; Rarely
• Manual Keying/Data Entry/inputting information/computer use; Frequent (50-80%)
• Pushing/Pulling/moving objects, equipment with wheels; Rarely

Nearest Major Market: Erie