Agero: Security Engineer
One Cabot Road
Medford, MA 02155

Employee Testimonials

Balaji Srinivasan Agero

Video

Ahead of the Curve.
No one knows the road like Agero. For over 40 years, we have provided the safest, smartest solutions for drivers and the companies that keep them moving.

As a result, we have become an industry leader, providing vehicle manufacturers and insurance carriers with privately labeled state-of-the-art roadside assistance plans and efficient claims management solutions. Our Roadside Assistance network protects more than 75 million drivers each year, providing award-winning service that helps motorists in their time of need while building customer loyalty for our clients.

Headquartered in Medford, MA with operations throughout North America, we are trusted by more than 100 leading corporations and used by 75% of the new passenger vehicles sold in the U.S. As a result, we have more information about cars and drivers than any other company. We use that data to continually enrich our solutions, maximizing our customers' opportunities while minimizing driver distraction.

As a member of the Agero Security Team, this position is responsible for protecting data and information systems from unauthorized access, use, disclosure, disruption, modification or destruction; and protecting information and other valuable assets stored within facilities. This role covers systems that are located on premise or in the cloud and assists with developing network security to protect electronic information in transit over networks. The Security Engineer will be involved in a wide range of projects including developing methodologies requiring security best practices and use of industry standards, such as ISO 27001/2:2013, CIS, etc. Responsibilities include helping to maintain compliance to major governance and regulatory standards such as: PCI Data Security Standards, Massachusetts Data Protection Regulations, GDPR and other data protection standards. The Security Engineer will also work to ensure successful completion of vulnerability audits and assessments, as required.

KEY OUTCOMES

Strategy & Planning

  • Assist in developing and maintaining the enterprises security awareness training program.
  • Help create and maintain the enterprises security documentation (policies, standards, procedures and guidelines) in the corporate ISMS.

Deployment

  • Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attack and threat vectors.
  • Work as part of a team to select, test and acquire additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
  • Participate in the deployment, integration and initial configuration of new security solutions and enhancements to existing security solutions in accordance with best practices.

Operational Management

  • Ensure the confidentiality, integrity and availability of the data residing on or transmitted to or from enterprise systems, on premise or in the cloud.
  • Participate in all investigations into security events or incidents and provide communication to senior management.
  • Participate in designing and executing vulnerability assessments, penetration tests and security audits.
  • Engage in ongoing communications with peers in the DevOps, Engineering and Networking groups as well as the various business groups to ensure enterprise-wide understanding of security goals, and solicit feedback and foster co-operation.
  • Understanding of wired and wireless network security devices.

KNOWLEDGE, SKILLS AND ABILITIES:

EDUCATION:Bachelor's degree in Engineering or Computer Science or equivalent combination of education and work experience. Any security certifications are a plus.

REQUIRED EXPERIENCE: 2 years information security or related engineering experience. Ability to work with the Engineering and Infrastructure teams in implementing security controls. Ability to articulate vulnerability and risk based on a technical security posture. Ability to support the development of system level plan of action and milestones.

2 years experience in:

  • Deployment, support of Security Devices including Web Application Firewalls, Intrusion Detection Systems, SIEM, third party tools, (URL filtering, Varonis, Tripwire);
  • Vulnerability assessments and penetration tests;
  • Ensuring compliance with security policies and procedures.
  • Measure, track and report the security vulnerability status of IT assets.
  • Experience with cloud environments and cloud security

DESIRED EXPERIENCE:

  • Experience with compliance with Payment Card Industry Standards (PCI or PCI DSS);
  • Familiarity with GDPR compliance



SKILLS:

  • Demonstrated on-the-job experience assuring software applications adhere to continuous monitoring and compliance with security controls.
  • Knowledge and experience with key management.
  • Knowledge and practice utilizing role-based access control and certificates to authenticate end points, system processes, and users.
  • Experience and knowledge of penetration testing methodologies and tools.
  • Base knowledge of exploit techniques and hacker methodologies.
  • Demonstrated on-the-job experience writing and reviewing risk assessment and mitigation reports.
  • Ability to communicate security-related concepts to a broad range of technical and non-technical staff.
  • Base knowledge of IP based applications (WWW, SMTP, DNS, SNMP, etc.).
  • Base knowledge of protocol filtering, network security and packet level analysis tools to resolve network security problems.
  • Understanding of wired and wireless network security devices.
  • Any experience Verizon MSSP, Imperva, McAffee, Varonis, TripWire, Tufin, Websense, Ironport, Splunk, Netbrain, or Netwrix products a plus.

COMPLEXITY:Proven troubleshooting and problem solving skills. Base understanding of networking concepts and project management skills.

Full-time

Why We Work Here

Balaji Srinivasan Agero
Balaji Srinivasan
Director of Engineering

“I highly recommend Agero because it offers a good work culture, friendly employees, and it’s always looking to innovate and improve.”

Jeannine Booton
Vice President, Marketing

"Agero’s on going growth presents exciting marketing challenges and provides ongoing career opportunities. It’s an innovative company that allows –and encourages – creativity."

Chris Richard Agero
Chris Richard
Vice President, Automotive

"It’s great to be at a company where you help both drivers and vehicle manufacturers at the same time. Agero’s pace of innovation makes you feel like you’re on the cusp of something big."