Prin Cyber Security Engineer IND

About us: We are a highly successful 190-year-old, Fortune 500 commercial property insurance company of 6,000+ employees with a unique focus on science and risk engineering. Businesses worldwide trust our expertise to protect their assets, relying on our comprehensive risk assessments and robust, engineering-based insurance solutions to safeguard against fire, natural disasters, and other perils. Serving over a quarter of the Fortune 500 and major corporations globally, we deliver data-driven strategies that enhance resilience, ensure business continuity, and empower organizations to thrive.

FM India is a strategic location for driving our global operational efficiency. Our presence in India allows us to leverage the countrys talented workforce and advance our capabilities to serve our clients better. We have diverse corporate functions that emphasize research, advanced technologies like AI and analytics, risk engineering, research, finance, marketing, HR, etc. working together to provide innovative solutions and nurture lasting relationships from co-workers to clients.

Role Title: Prin Cyber Security Engineer IND Position Summary: Assists principal and architect roles with strategic planning and innovation adoption efforts, as well as efforts to identify and recommend new technologies and/or capabilities which will enhance the cyber security program. Leads planning, design, and execution of major changes. Assists as escalation point with complex operational and systems engineering needs with security infrastructure technologies(such as SIEM, UEBA, Firewall, AV/EDR, DLP) used to prevent, detect, and/or respond to security incidents.

These operational activities may include resolving escalated complex and/or business impacting technology issues, investigating complex security events, and participating in incident response exercises. Leads advanced cyber security incident investigations and helps to shape threathunting activities. Additionally, may lead incident response efforts.

Job Responsibilities: Assists with daily security event monitoring and subsequent investigation activities. In the event that a security incident has been found, follows enterprise incident response standard processes ensuring proper escalation. Additionally, handles security events escalated from more junior team members.

Recommends and facilitates implementation of enhanced configurations, policies, and processes which improve the effectiveness and efficiency of FM Global's threat prevention, detection, and response services Performs security assessments of business and technology initiatives, identifying gaps and leading efforts to develop and implement solutions to mitigate those gaps. Maintain familiarity with the companies security standards and ensure processes exist to demonstrate compliance to those standards, and that technologiesand security policies are implemented in support of those standards Stay abreast of changes in the threat landscape by following industry experts, publications, newsfeeds, and threat intelligence sources. Identify ways to incorporate this information into ongoing securitypractices.

Maintains a high level of communication and teamwork both within security infrastructure services team and across other groups to successfully accomplish goals and objectives. Additionally, capable of interfacing with business leaders and IS leadership to promote security awareness, understanding, and improvements as well as satisfy their concerns. Maintains clear concise and accurate documentation for processes and configurations.

Ensure documentation is kept up to date and in the proper shared, accessible location. Independently identifies areas where additional process or technology documentation is needed and ensures that it is developed. Supports the development of current and future state architecture documentation where appropriate.

Leads and coordinates advanced threat hunting activities to seek out threats in the environment which might otherwise remain undetected by existing monitoring/prevention measures. Develops accurate estimates of time and effort required to implement upgrade or modify complex system configurations. Produces necessary work/test plans for accomplishing these efforts.

Provides project leadership and direction of day to day project activities. Mentors junior staff in all areas of responsibility including professionalism, communication, team work, problem solving, and technology design implementation maintenance and trouble resolution. Skill and Experience: 5-8 years of experiencerequired to perform essential job functions.

Additional Experience Qualifier (optional): Minimum of seven (7) year of experience in information technology or business analysis with at least five (5) years in an information security specific field, such as computer forensics, network perimeter security, incident response, system security, threat research, or working in or in support of a security operations center. Demonstrated knowledge of information security discipline via relevant advanced industry certification (such as: CISSP, SSCP, CISA, CCE, Security+, GIAC, CEH, etc.) Strong verbal and written communication skills Ability to communicate advanced technical subjects including controls and control effectiveness, infrastructure architectures, and risks, to a non technical audience Strong interpersonal skills Ability to coordinate activities with team members and other stakeholders Excellent customer service skills Must have a strong work ethic, great time management skills and a positive attitude Must be able to work independently, on a team, or in a leadership role on a team Ability to multitask and change priorities with effective results Strong knowledge of at least one of the following areas: operating systems, databases, systems, networks, application development Ability to design and implement technical solutions for business problems while balancing functionality, sustainability, time to delivery and costs Ability to develop and maintain current and future state technology architectures Advanced knowledge of and experience with computer vulnerabilities, hacker methodologies and other threats Advanced MS Excel and reporting skills required Experience using Power BI strongly preferred Ability to leverage various trusted sources of information articles, webinars, Internet, etc to gain accurate knowledge of current security threats, vulnerabilities, mitigating strategies to address them and then recommend and implement appropriate solutions for the organization Advanced understanding of at least one security, technical, or risk discipline Significant experience working with vendors and resellers, managing vendor reseller relationships, and bringing available resources to bear to solve problems or realize opportunities Experience managing large complex projects, producing any necessary artifacts, and meeting critical milestones Must Have Skills: Cloud Security Architecture and Engineering/ DevSecOps Strong foundation in securing cloud environments (AWS, Azure, or GCP), including architecture review, secure configuration, and identification of cloud-specific risks. Cloud Security Posture Management (CSPM) Hands-on experience operating CSPM tools, interpreting findings, prioritizing risks, and working with platform and engineering teams to remediate issues at scale.

Security Integration into CI/CD Pipelines Experience embedding security controls into CI/CD pipelines, including policy enforcement, hard gates, and automated validation of security requirements. Automation and Infrastructure as Code Proficiency with infrastructure-as-code and automation tooling (Terraform, ARM, CloudFormation, Git-based workflows, scripting) to enforce security standards and manage configuration drift. Security Engineering Mindset and Influence Demonstrated ability to translate security requirements into enforceable technical controls and influence platform and DevOps teams without formal authority, maintaining a risk-first perspective rather than a delivery-first mindset.

PRefer a related certification such as: AZ-500/CCSP/CKS Education and Certifications: 4 Year/ bachelors degree required. Work location: Bengaluru