IT Security Administrator

NSM Insurance Group is the nation’s leading specialty insurance provider with more than $1 billion in premium across 25+ specialty insurance programs and brands in the U.S. and U.K. For more than 30 years, the company has been exclusively focused on building successful insurance programs and continually seeks new opportunities to grow and expand through strategic mergers and acquisitions.

Relationships are paramount at NSM because we know that’s what drives mutual, long-term success. We maintain an entrepreneurial spirit and startup mindset within an established organization that continues to redefine what specialty insurance means and how it impacts everyday lives. Employee are given endless opportunities to expand their interests and skillsets, push breakthrough ideas and take risks. Our open, supportive environment gives employees the confidence to take ownership of their work as if the business was their own.

At NSM, we Build Success every day for our people, carrier partners, agents and insureds — because we know our success is built on yours.

The Information Security Administrator (ISA) is responsible for effective monitoring, analysis, and maintenance of NSM systems as it relates to cyber security. The ISA will plan, design, build, and integrate tools and systems that are used to protect NSM’s electronic information and devices. The ISA will assist to implement systems to collect information about security incidents and outcomes. The ISA will develop metrics or procedures for evaluating the effectiveness of the systems and tactics being used and may also be involved in creating training materials. The ISA will be an advocate for cybersecurity processes, policies, and frameworks.

• Perform daily systems monitoring, verifying the integrity and availability of all NSM cybersecurity systems.
• Perform regular security compliance checks to identify any possible intrusions that could affect the effective operations of the NSM business.
• Work closely with the IT teams in developing security techniques, processes, and policies.
• Respond to all system / network breaches as received from 3rd party / automated systems notifications.
• Perform systems maintenance on identified security-centric systems.
• Maintain operational, configuration, or other procedures in support of the NSM IT platforms.
• Create and maintain documentation in support of NSM platforms, processes.
• Perform periodic reporting to support the cybersecurity posture.
• Part of the cybersecurity training platforms to ensure end-user compliance and security knowledge.
• Testing and identifying network and systems vulnerabilities.
• Participate in the Change Management process to ensure security best practices are in-place.
• Perform daily administrative tasks.
• Communicate to relevant departments in the organization.

• Bachelor (4-year) degree, required.
• Technical major, such as engineering or computer science, or equivalent experience, preferred.
• Prior Information Security responsibility experience, required.
• Prior experience with incident detection, incident response and forensics, required.
• Strong awareness of cybersecurity trends and hacking techniques.
• Information Security certifications such as Comp TIA Security+, SSCP, CISM.
• Strong scripting / programming knowledge such as Powershell, Python, Java, etc.
• Strong working knowledge of Windows operating systems, internals, and security.
• Knowledge in support of UNIX variants, Mac OS.
• Meticulous attention to detail, out-standing problem-solving skills, comfortable under pressure and can deliver on tight deadlines.
• Maintain a strong understanding of technology infrastructure using Firewalls, VPN, Data Loss Prevention, IDS/IPS, and Security Audits.
• Strong planning, implementation, and monitoring skills regarding cybersecurity.
• Background in Systems Administration/System Engineer functions a plus.
• Familiarity with supporting tablets, thin-client devices, and mobile devices from a security posture.
• Knowledge in business productivity tools such as Office, Visio, PDF.
• This role requires being part of an on-call systems monitoring support schedule.
• Responsibilities sometimes require working evenings and weekends, sometimes with little advanced notice.
• Some travel (~ 25%) to local or remote NSM offices may be required at times for support.