Enterprise Information Security Engineer

Information Technology New York, New York


Description

Department: Information Technology
Job Type: Regular Full Time
Education Level: BA/BS or combination of education and experience
Required Years Experience: 4

Church Pension Group (CPG) is a financial services organization that serves the Episcopal Church, located in Midtown Manhattan. CPG was founded in 1917 to provide pension benefits to eligible clergy of the Episcopal Church. Since then, its mission has expanded to include life and disability insurance, health benefits, property & casualty insurance, and publishing. 
 
The Enterprise Information Security Engineer reports to the Enterprise Information Security Officer (EISO) and is responsible for designing secure enterprise solutions and implementing robust security measures to protect Church Pension Group’s (CPG) information assets and employees. The position ensures that security is embedded across all technologies (on-premises, cloud-hosted, software-as-a-service, and other vendor services) while managing operational security tasks, including monitoring, incident response, compliance, and vendor management. To be effective, the Enterprise Information Security Engineer requires strong communication skills and the ability to lead collaboration efforts with other ITS teams and business units.
 
ESSENTIAL DUTIES AND RESPONSIBILITIES include the following. Other duties may be assigned.
  • Architect Systems and Solutions 
    • Plan and design security solutions that enable identification, protection, detection, response, and recovery from cyber threats.
    • Define and develop security requirements from threat assessments, risk modeling, system analysis, and regulations, leveraging standard security frameworks.
    • Create security integration plans for existing infrastructure and future solutions.
  • Security Operations 
    • Implement and manage security technologies (e.g., firewalls, encryption, SIEM, DLP, IPS) directly, collaborate with other teams, and use MSSPs.
    • Monitor networks and systems for security breaches, escalations, and anomalies to ensure optimal security and accurate metrics.
    • Perform vulnerability assessments and penetration testing, and manage these services.
    • Own several of the security tool vendor relationships.
  • Governance and Compliance 
    • Develop and maintain security policies, standards, and procedures to ensure a secure environment and compliance with regulatory requirements.
    • Present and manage compliance issues, remediation, and organizational conversations.
    • Prepare action plans to harden systems and respond to security and DR events.
  • Risk Management 
    • Identify, evaluate, and report on information security risks.
    • Perform regular risk assessments and recommend mitigation strategies.
  • Education and Awareness 
    • Educate staff on cybersecurity best practices and the security program.
    • Acquire or develop training to address identified gaps and remediations.
    • Manage IT compliance and collaborate on corporate compliance measures.
    • Advise business units on secure configurations, vendors, and architectures.
  • Support Leadership 
    • Support the EISO in security event management, group collaboration, and planning and budgeting.
    • Maintain and develop both technical and management skills.
  • Effective performance of the essential functions of this position requires regular in-person, on-site interaction with colleagues, both for purposes of relationship building and meaningful collaboration.
  • Other duties may be assigned.
 
QUALIFICATIONS:  To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
 
  • Strong knowledge of cybersecurity principles, frameworks, and tools.
  • Experience with a wide range of tools, including IDS, IPS, firewalls, and SIEMs.
  • Deep understanding of Cloud Security and SaaS Vendor Security.
  • Proficiency in risk assessment, incident response, and threat modeling.
  • Excellent communication skills for cross-functional collaboration.
 
EDUCATION and/or EXPERIENCE 
  • 4+ yrs of relevant Information Security experience
  • BA/BS in Computer Science, Engineering, or related field preferred. Combination of work and education considered
  • Preferred Certifications: CISSP, CISM, CCSP, CISA, multiple topical GIACs.
  • Experience with AWS, Azure M365, Entra ID, Splunk, CrowdStrike, Darktrace, and Tripwire is a plus.
 
PHYSICAL DEMANDS:
  • Extensive use of a computer keyboard is a demand of the position to perform the essential functions of this job successfully.
 
WORK ENVIRONMENT:
Currently, hybrid work environment, which requires working in CPG’s office Tuesdays through Thursdays and flexibility to work remotely on Mondays and Fridays. Church Pension Group employees must always maintain a professional, compassionate, and trustworthy work environment. Reasonable accommodations may be made to enable someone with a disability to perform the essential functions of the job within this environment.

Salary Range: $110,000 - $140,000

Join us and Create A Better Future For Yourself!
  

Flexible Benefits available to eligible employees:  

  • Medical (including Vision)
  • Dental

 Core Benefits automatically provided to eligible employees:  

  • Employer funded defined benefit pension plan (five year vesting)
  • Employee Life Insurance
  • Spouse and Dependent Life Insurance
  • Accidental Death and Dismemberment (AD&D) Insurance
  • Short-Term Disability (STD) coverage
  • Long-Term Disability (LTD) coverage (elected as either pre-tax or after-tax)
  • Business Travel Accident Insurance
  • Worker’s Compensation
  • Employee Assistance Program
  • Retiree health insurance (eligible after 10 years)
  • Retiree life insurance

Elective Benefits available to eligible employees:  

  • 401(k) with matching contributions (immediate vesting)
  • Flexible Spending Accounts (FSAs)
  • Commuter Benefits
  • New York’s 529 College Savings Program (NY State residents)

Educational Assistance Program available to eligible employees  

Parental Leave available to eligible employees  

Time Off available to eligible employees: Vacation, Sick, Personal and Holidays  

You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire. Please understand that, as a general policy, CPG does not sponsor visas.  

EOE: Minorities/Female/Disability/Vet/Sexual Orientation


If you are a CPG employee, please use your CPG email address when creating your profile to apply.