Info Security Engineer II

CorVel Corporation is a national provider of industry-leading risk management solutions, and they are seeking an Info Security Engineer II to join their dedicated Information Security and Privacy team. This role involves contributing to the protection of corporate digital assets, assessing technical designs, and recommending secure solutions while collaborating with various teams across the organization.

Responsibilities:

• Foster information security practices and procedures across the organization
• Research, analyze, and formulate recommendations for technologies, products, and solutions to enable business
• Provide technical inputs, system security controls, evaluate and recommend new and emerging security products and technologies
• Work with engineering teams to threat model technical designs and implementation of solutions
• Act as a subject matter expert and partner with other engineers to select appropriate security controls
• Further mature and maintain vulnerability management processes and metrics
• Assist with a variety of risk assessments
• Assist with vendor risk assessments, and provide customer assurance
• Other duties as assigned

Requirements:

• 3 - 5 years of experience in information security
• Specific experience with two or more of the following areas: Threat modeling, Secure system design and development, System security assessments, Vulnerability management, Security risk management
• Experience with FIPS, NIST 800-53/CSF, or other relevant frameworks
• Notable cloud security experience
• Outstanding written and spoken communication skills
• Relevant security certification preferred (CC, CompTIA Security+, CISSP, SANS, etc.)