Cybersecurity Engineer, GCC-Assurant

The Cybersecurity Engineer is responsible for safeguarding Assurant’s information assets by implementing and maintaining robust security technologies and infrastructure. This position supports the execution of cybersecurity processes across all business units, ensuring compliance with the Assurant Information Security Program, relevant policies, standards, and regulatory requirements. The role demands expertise in various domains of information security, including identity and access management, security engineering, application and infrastructure security, threat detection, incident response, eDiscovery, security automation and digital forensics—across all operating system platforms.

This position will be in Hyderabad at our India location.

What will be my duties and responsibilities in this job?

Key Objectives:

• Design, implement, and maintain security solutions aligned with Assurant’s Information Security Policies and Standards.
• Provide support for technologies across applications, infrastructure, and endpoint security.
• Identify, assess, and remediate hardware/software vulnerabilities, drive mitigation efforts.
• Uphold the confidentiality, integrity, and availability of enterprise information systems.
• Develop and recommend security practices to prevent unauthorized access, alteration, or destruction of sensitive data.
• Measure, analyze, and report compliance with security policies and standards to leadership.
• Collect and report security metrics on a monthly, quarterly, and annual basis to support continuous improvement.

• Stay current with industry best practices, emerging technologies, and regulatory mandates to maintain a well-rounded security knowledge base.

The following responsibilities apply to the general Cybersecurity Engineer position. Specific details will be defined in a department job responsibilities document and outline in performance goals.

• Governance, Compliance & Audit Support – Evaluate technical solutions to ensure alignment with regulatory and security frameworks. Ensure adherence to regulatory frameworks (e.g., PCI-DSS, NY DFS, GLBA, SOX, DORA, etc.). Support internal and external audits, including vendor and client assessments. Maintain documentation and evidence for compliance activities. Collaborate with Legal, Privacy, Risk, Global Technology and other Cybersecurity teams.
• ​​Technology & Security Systems Management - Evaluates and implements new security technologies to address emerging threats (e.g., SIEM, endpoint protection, vulnerability scanners, IAM, IGA). Designs and implements secure infrastructure solutions, including network security, configuration management, storage security, and identity and access management (IAM) based on security policies to prevent unauthorized access. Responsibilities also include configuring and managing security platforms such as data loss prevention (DLP), data security tools, posture management solutions, and Zero Trust Network Access (ZTNA) technologies to strengthen enterprise defenses.
• Security Operations – Researches, designs, and implements cybersecurity solutions for Assurant’s systems and products in compliance with Assurant’s security policies and standards. Conducts regular security assessments and code reviews to identify vulnerabilities and potential risks, ensuring timely remediation and patching. Develops and refines detection content, use cases, and automated response workflows within security monitoring systems to identify and contain threats. Configures and manages security platforms including DLP, data security, posture management, ZTNA, and network security technologies. Stays current on emerging threats and attack methods, proactively analyzing potential impacts and seeking indicators of compromise to enhance the overall security posture.
• ​Identity and Access Management (IAM) - Manage and support IAM, IGA, and PAM platforms to enforce least privilege, role-based access control (RBAC), and segregation of duties. Participate in identity lifecycle management, including provisioning, deprovisioning, and access reviews. Support IAM audits and compliance reporting, ensuring alignment with internal controls and regulatory requirements. Contribute to modernization efforts in identity services, including adaptive access, federation, and cloud-based identity solutions.
• ​​Project Support & Risk Assessment - Participate in cross-functional projects to ensure security is embedded in the design, implementation, and operation of new systems and services. Conduct security risk assessments and threat modeling for new technologies, third-party integrations, and business initiatives. Provide security guidance during vendor selection, contract review, and solution architecture discussions. Collaborate with business units to balance security requirements with operational needs and user experience.
• Reporting & Metrics - Develop and maintain dashboards and reports on security posture, compliance status, project/task progress, and audit findings. Present findings, risk assessments, and strategic recommendations to leadership and stakeholders in a clear and actionable manner. Track key performance indicators (KPIs) and key risk indicators (KRIs) to support continuous improvement of the cybersecurity program. Contribute to board-level reporting and enterprise risk management initiatives as needed.

What are the requirements needed for this position?

Education:

• Bachelor’s degree preferred; in Computer Science, Information Security, or a related field; or two-year technical certification in Information Systems, Business Management, Computer Science, Engineering, IAM or related.

Experience:

• Minimum 3 years in IT Security, Cybersecurity, Security Engineering, or Identity and Access Management.

Knowledge & Skills:

• ​ Strong knowledge of security engineering discipline in one of the following domains: network security, cloud-native security, endpoint security, application security, or identity and access management.

• ​Experience with cybersecurity tools such as vulnerability scanners, network firewalls, cloud-native security, and penetration testing frameworks

• ​Excellent communication and documentation abilities - using appropriate level of communication up and down the organization

• ​Works to gain a deep understanding of requests or tasks and offers suggestions to streamline

• ​Build and maintain strong working relationships with sponsors, stakeholders, and team members

• ​Strong problem-solving, critical thinking and troubleshooting skills

• ​Ability to effectively influence others to modify their opinions, plans or behaviors

• ​Effectively work independently and collaboratively in a virtual team environment

• Persistent in completing the tasks - on time and within the deadline

• ​Spends time on what adds the most value

• ​Engage the right people at the right time

• ​Bring grit and determination to get things done

What are the Preferred Skills required for this position?

• Active security certification desired or willingness to obtain

• ​CompTIA Security+

• ​GIAC Security Essentials

• ​Certified Security Analyst (ECSA)

• ​Certified Ethical Hacker (CEH)

• ​Certified Red Team Operator (CRTO)

• ​Offensive Security Certified Professional (OSCP)

• ​Certificated Information Systems Security Professional (CISSP)

• ​Knowledge of cloud security and modern IAM solutions

• ​Experience with scripting and automation