Sr IT Security Advisor

Job description

By joining Sedgwick, you'll be part of something truly meaningful.

It’s what our 33,000 colleagues do every day for people around the world who are facing the unexpected.

We invite you to grow your career with us, experience our caring culture, and enjoy work-life balance.

Here, there’s no limit to what you can achieve.

Newsweek Recognizes Sedgwick as America’s Greatest Workplaces National Top Companies

Certified as a Great Place to Work®

Fortune Best Workplaces in Financial Services & Insurance

Sr IT Security Advisor

**PRIMARY PURPOSE OF THE ROLE:** To manage the implementation of security measures to protect company data, networks, and computer systems.

To focus on executing security fundamentals for threat detection, investigation, and response efforts.

**ARE YOU AN IDEAL CANDIDATE?** We are looking for enthusiastic candidates who thrive in a collaborative environment, who are driven to deliver great work, are customer-oriented and are naturally empathetic.

**ESSENTIAL RESPONSIBILITIES MAY INCLUDE**

+ Engineers, implements and monitors security measures for the protection of computer systems, networks and information.
+ Identifies and defines system security requirements.
+ Designs computer security architecture and develops detailed cyber security designs.
+ Prepares and documents standard operating procedures and protocols.
+ Configures and troubleshoots security infrastructure devices.
+ Develops technical solutions and new security tools to assist in mitigating security vulnerabilities and automating repeatable tasks.
+ Leads IT groups and business units as necessary in troubleshooting compatibility issues between security tools and business or productivity programs.
+ Performs analysis of suspected malicious code and other software or programs and provides written or verbal analysis to management.
+ Analyzes client and customer needs as required and provides clear and concise reports to leadership.
+ Experience configuring and managing scan engines, sites, and asset groups.
+ Skilled in interpreting vulnerability findings, prioritizing remediation efforts using Real Risk Score and Threat Intelligence.
+ Ability to create and manage custom dashboards, reports, and alerts within InsightVM.
+ Familiarity with Remediation Projects and tracking progress across teams.
+ Knowledge of Live Dashboards and Query Builder for real-time visibility.
+ Experience integrating InsightVM with ticketing systems (e.g., ServiceNow, Jira) for automated remediation workflows.
+ Understanding of Nexpose scan engine architecture and deployment.
+ Ability to use InsightVM APIs for automation and custom integrations.
+ Experience coordinating internal and external penetration testing engagements.
+ Skilled in scoping penetration tests based on business needs, asset criticality, and threat landscape.
+ Ability to liaise between third-party testers, internal teams, and stakeholders to ensure smooth execution.
+ Familiarity with test scheduling, resource allocation, and minimizing operational impact.
+ Understanding of penetration testing methodologies (e.g., OWASP, NIST SP 800-115, PTES).
+ Ability to review and validate test findings, assess risk levels, and prioritize remediation.
+ Experience with vulnerability management tools (e.g., Rapid7 InsightVM, Tenable, Qualys) to correlate findings.
+ Knowledge of network, application, cloud, and physical security testing scopes.
+ Skilled in reviewing and distributing pen test reports, ensuring clarity and actionable insights.
+ Ability to track and report on remediation progress, including retesting and closure validation.
+ Experience maintaining audit trails and documentation for compliance and governance.
+ Familiarity with regulatory requirements (e.g., PCI-DSS, HIPAA, SOX, GDPR) related to penetration testing.
+ Ability to align testing efforts with risk management frameworks and security policies.

**Experience using Rapid7 InsightVM for vulnerability scanning and management required.**

**QUALIFICATIONS**

Bachelor’s degree in Information Systems, computer science, or related technology field from an accredited college or university preferred.

Related technical institute certification preferred.

Eight (8) years of encryption technologies/algorithms, digital forensics, network topologies, and access controls experience or equivalent combination of educated and experience required.

Skills & Knowledge

+ Knowledge of TCP/IP services
+ Knowledge of audit and compliance
+ Knowledge of vulnerability management
+ Knowledge of penetration testing
+ Knowledge of various operating systems
+ Knowledge of desktop productivity software
+ Knowledge of Carbon Black Protection
+ Knowledge of Symantec Endpoint Protection and host data loss prevention
+ Knowledge of information technology security frameworks
+ Excellent oral and written communication skills, including presentation skills

**TAKING CARE OF YOU**

+ Career development and promotional growth opportunities.
+ A diverse and comprehensive benefits offering including medical, dental vision, 401k, PTO and more.

#IT
#informationtechnology

Work environment requirements for entry-level opportunities include –
Physical: Computer keyboarding
Auditory/visual: Hearing, vision and talking
Mental: Clear and conceptual thinking ability; excellent judgement and discretion; ability to meet deadlines

The statements contained in this document are intended to describe the general nature and level of work being performed by a colleague assigned to this description.

They are not intended to constitute a comprehensive list of functions, duties, or local variances.

Management retains the discretion to add or to change the duties of the position at any time.

If you’re excited about this role but your experience doesn’t align perfectly with every qualification in the job description, consider applying for it anyway! Sedgwick is building a diverse, equitable, and inclusive workplace and recognizes that each person possesses a unique combination of skills, knowledge, and experience.

You may be just the right candidate for this or other roles.

Sedgwick is an Equal Opportunity Employer and a Drug-Free Workplace.

**If you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, consider applying for it anyway! Sedgwick is building a diverse, equitable, and inclusive workplace and recognizes that each person possesses a unique combination of skills, knowledge, and experience.

You may be just the right candidate for this or other roles.**

**Sedgwick is the world’s leading risk and claims administration partner, which helps clients thrive by navigating the unexpected.

The company’s expertise, combined with the most advanced AI-enabled technology available, sets the standard for solutions in claims administration, loss adjusting, benefits administration, and product recall.

With over 33,000 colleagues and 10,000 clients across 80 countries, Sedgwick provides unmatched perspective, caring that counts, and solutions for the rapidly changing and complex risk landscape.

For more, see** **sedgwick.com**

Required Skill Profession

Other General