Information Security Engineer II

Root Inc. Root does car insurance differently. We believe good drivers should pay less for auto insurance so we base rates primarily on how you drive. Get a free quote. The Opportunity We are looking for an Information Security Engineer II with expertise in both Security Operations (SecOps) and Identity & Access Management (IAM) to join our team. This role requires hands-on experience with next-generation antivirus solutions, vulnerability management and remediation, SIEM platforms, and identity & access management tooling. In this role, you will enhance our threat detection, response, and vulnerability management programs while driving IAM initiatives to ensure secure and efficient authentication, authorization, and identity governance. You will work with SSO (Single Sign-On), MFA (Multi-Factor Authentication), and access control implementations, while also supporting and optimizing SIEM use cases to improve visibility and incident response. Collaboration will be key, as you will partner with IT, Engineering, and other InfoSec teams to strengthen our overall security posture. Additionally, you will assist in managing privileged access controls, identity lifecycle processes, and cloud security best practices to ensure a strong and scalable security foundation. This position offers a unique opportunity to work in a rapidly growing environment and contribute to projects that span both the SecOps and IAM disciplines. Root is a "work where it works best" company. This means we will support you working in whatever location that works best for you across the US. Salary Range: $101,208 - $126,510 (Bonus and LTI Eligible) How You Will Make an Impact Configure and execute vulnerability scans across the enterprise. Assess vulnerability risk and coordinate remediation activities with IT, Infrastructure (Reliability), Information Security & Development teams. Work closely with IT and development teams to ensure proper implementation of authentication and access controls. Manage the lifecycle of user accounts (creation, modification, and deletion) across all systems, ensuring timely and accurate user access. Support and maintain authentication services such as Single Sign-On (SSO), Multi-Factor Authentication (MFA), and other access management tools. Conduct regular access reviews to ensure compliance with security policies and regulations, and assist in audits and provide reports on user access as needed. Troubleshoot and resolve NGAV-related issues and respond to alerts. Support audits and assessments by providing security documentation and evidence as required. Monitor and analyze security events and incidents through SIEM tools to detect and respond to potential threats. Investigate cyber security incidents to identify the cause and extent of the incident. Investigate phishing and self-identified potential cyber threats. Manage the chain of custody for all evidence collected during incidents and security investigations. Summarize events/incidents effectively to different stakeholders such as legal counsel, executive management and technical staff, both in written and verbal forms. Ability to take ownership of projects with a strong sense of urgency, and to perform tasks with minimal supervision. Participate in the 24x7 on-call rotational schedule as required. What You Will Need to Succeed 3+ years of experience in an IAM administration/engineering role or SecOps role, with a background in information security or risk. Experience in configuring and trouble-shooting a wide array of security tools and applications. Scripting skills (e.g. Perl, Ruby, Python, PowerShell, Shell scripting). Experience working under strict compliance requirements. Experience working in a fast growing environment with diverse teams and technologies. Knowledge of various operating systems, TCP/ IP networking (TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols) and public cloud technologies. CISSP, CISM, SANS GSEC, CEH or equivalent certifications are a plus. Join us At Root, we judge people based on the merit of their work, not who they are. If you are passionate about what this role entails and solving real problems, we encourage you to apply. We want to learn about you and what you can add to our team. Who we are We're harnessing the power of technology to revolutionize insurance. Using machine learning and mobile telematic platforms, we've built one of the most innovative FinTech companies in the world. And we're just getting started. #J-18808-Ljbffr

Created: 2025-03-05