Information Security Engineer II
Root Insurance
CURRENT ROOT EMPLOYEES - Please apply using the career page in Workday. This career site is for external applicants only.
The Opportunity
We are looking for an Information Security Engineer II with expertise in both Security Operations (SecOps) and Identity & Access Management (IAM) to join our team. This role requires hands-on experience with next-generation antivirus solutions, vulnerability management and remediation, SIEM platforms, and identity & access management tooling.
In this role, you will enhance our threat detection, response, and vulnerability management programs while driving IAM initiatives to ensure secure and efficient authentication, authorization, and identity governance. You will work with SSO (Single Sign-On), MFA (Multi-Factor Authentication), and access control implementations, while also supporting and optimizing SIEM use cases to improve visibility and incident response. Collaboration will be key, as you will partner with IT, Engineering, and other InfoSec teams to strengthen our overall security posture. Additionally, you will assist in managing privileged access controls, identity lifecycle processes, and cloud security best practices to ensure a strong and scalable security foundation.
This position offers a unique opportunity to work in a rapidly growing environment and contribute to projects that span both the SecOps and IAM disciplines.
Root is a “work where it works best” company. This means we will support you working in whatever location that works best for you across the US.
Salary Range: $101,208 - $126,510 (Bonus and LTI Eligible)
How You Will Make an Impact
Configure and execute vulnerability scans across the enterprise.
Assess vulnerability risk and coordinate remediation activities with IT, Infrastructure (Reliability), Information Security & Development teams.
Work closely with IT and development teams to ensure proper implementation of authentication and access controls.
Manage the lifecycle of user accounts (creation, modification, and deletion) across all systems, ensuring timely and accurate user access.
Support and maintain authentication services such as Single Sign-On (SSO), Multi-Factor Authentication (MFA), and other access management tools.
Conduct regular access reviews to ensure compliance with security policies and regulations, and assist in audits and provide reports on user access as needed.
Troubleshoot and resolve NGAV-related issues and respond to alerts
Support audits and assessments by providing security documentation and evidence as required.
Monitor and analyze security events and incidents through SIEM tools to detect and respond to potential threats.
Investigate cyber security incidents to identify the cause and extent of the incident.
Investigate phishing and self-identified potential cyber threats.
Manage the chain of custody for all evidence collected during incidents and security investigations.
Summarize events/incidents effectively to different stakeholders such as legal counsel, executive management and technical staff, both in written and verbal forms.
Ability to take ownership of projects with a strong sense of urgency, and to perform tasks with minimal supervision
Participate in the 24x7 on-call rotational schedule as required
What You Will Need to Succeed
3+ years of experience in an IAM administration/engineering role or SecOps role, with a background in information security or risk.
Experience in configuring and trouble-shooting a wide array of security tools and applications.
Scripting skills (e.g. Perl, Ruby, Python, PowerShell, Shell scripting).
Experience working under strict compliance requirements.
Experience working in a fast growing environment with diverse teams and technologies.
Knowledge of various operating systems, TCP/ IP networking (TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols) and public cloud technologies.
CISSP, CISM, SANS GSEC, CEH or equivalent certifications are a plus.
Don’t meet every single requirement?
Studies have shown that women and people of color are less likely to apply to jobs unless they meet every single qualification. At Root, Inc., we are dedicated to building a diverse and inclusive workplace, so if you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyway!
Join us
At Root, we judge people based on the merit of their work, not who they are. If you are passionate about what this role entails and solving real problems, we encourage you to apply. We want to learn about you and what you can add to our team.
Who we are
We’re harnessing the power of technology to revolutionize insurance. Using machine learning and mobile telematic platforms, we’ve built one of the most innovative FinTech companies in the world. And we’re just getting started.
What draws people to Root
Our success is in large part due to our unwavering standards in hiring. We recognize that our products are only as good as the people building and promoting them. We want individuals who find solutions by going through the cycle of ideation to implementation with curiosity, rigor, and an analytical lens. Ask anyone who works here and you’ll hear similar reasons for why they joined:
Autonomy—for assertive self-starters, the opportunities to contribute are limitless.
Impact—by challenging the way it’s always been done, we solve problems that have a big impact on our business.
Collaboration—we encourage rich discussion and civil debate at every turn.
People—we are inspired by the collection of crazy-smart people around us.