Product Security Specialist

Come join us, and shape the future of the insurance industry!

ReMark is a global insurance consultancy helping insurers worldwide grow sustainably. Part of the SCOR Group, we specialise in data intelligence, marketing and technology solutions. Since 1984, we’ve reached over 1 billion people, ran over 12,000 campaigns and underwrite over 1 million policies each year. We’re a team of over 250 employees from 33 nationalities and 17 offices worldwide. Our clients include over 500 insurers, and we’re also partnering outside the industry with Garmin, local government, universities and more. Our vision is to transform the insurance industry, and we also believe in making products that have a sustainable impact on people's health and wellness.

The role

As a Solution and Product Security Specialist, you will be integral in defining, shaping, and playing an essential role in securing and protecting ReMark’s cloud platform, solutions, products & data. In a highly collaborative environment, you will be working with a global team to architect, design, monitor, and guide security requirements on the public cloud, SaaS environment, and software code and incorporating security in ReMark’s products.

Reporting to the Director IT/Solutions security, the Product Security Specialist is a technical role and is responsible for the following:

Key responsibilities

Providing, guiding, and partnering on Security requirements in Cloud & Digital products of ReMark

• Help protect, secure, and monitor cloud environments – GCP.
• Work with Cloud architects, DevOps Developers to embed security by design and operations.
• Conduct static and Dynamic code scanning.
• Provide guidelines for Kubernetes cluster, container, and API security against industry benchmarks.
• Securing PostgreSQL, RubyonRails, Java, and .Net framework.
• Knowledge of security topics – access control, monitoring, and encryption.
• Good working knowledge of Kubernetes clusters.
• Usher in a DevSecOps culture within the solution teams.
• Secure the overall products & solutions suite of ReMark and data.
• Open to experimenting with open-source security frameworks, tools, and solutions to help protect ReMark’s Digital products.
• Understand customer requirements and contractual obligations on security and ensure that these are adequately fulfilled and provide necessary assurance.
• Guiding and providing training/awareness to teams on security topics.
• End-to-end security in Digital product design, development, deployment, and maintenance.
  

Setup process and procedures for Security

• Ensure security baselines, requirements are set up for security architecture, access controls (role-based), encryption, backup, monitoring, and logging.
• Work with security vendors and service providers to ensure that services are delivered.
• Overall Cloud and product security monitoring.
  

Strong collaboration and teamwork

• Partner with IT, Solution teams, employees, and third-party providers to ensure that baseline security requirements are implemented.
• Act as a security evangelist giving a positive sense of security.
• Work with SCOR IT & security team to leverage best practices and tools.
• Report on security KPIs and metrics.

Technical/Essential competencies

• Excellent understanding of public clouds such as GCP, Kubernetes, and modern DevOps software developments.
• Excellent organisational skills with the ability to manage multiple projects in a complex, fast-paced and deadline-driven environment.
• Willingness to work across a cross-section of people, processes and technology.
• Proficiency in O365 tools, and Microsoft suite.
• Knowledge of any (OWASP Top 10, ISO 27001, CIS, benchmark, NIST standards).

Personal competencies/Nice to have

• A real openness to the world. The Security team is global, you will be curious to explore and have the desire to conceive, develop and implement innovative ideas.
  
• Having a minimum understanding of concepts related to Ruby, Java or .Net or prior coding knowledge is a plus.
• Passion to experiment with open-source technologies and being part of a security community.

Required education/Work experience

• Bachelor’s degree in technology, security, or related.
• 3-4 years of technical experience in cloud security, DevSecOps or application security.
• Excellent knowledge/native of English (both written and spoken).
• Any related security certification on Cloud Security.

What we offer

• Competitive Salary.
• Lunch voucher.
• Flexible remote-work policy.
• Training & professional development opportunities.
• Membership to security forum.
• Sustainable & single-use plastic-free office environment.
• Working in a global, entrepreneurial ‘start-up’ environment within the established SCOR Groug.

The company working language is English. All ReMark employees should speak, read and write English to a sufficient level in order to communicate and operate effectively in the organization.