Who we are...
As an industry-leading fintech provider, COCC delivers innovative, comprehensive technology solutions and strategic partnerships throughout the Northeastern United States. Listed among American Banker's FinTech 100 and the Inc. 5,000 fastest growing companies in the nation, COCC inspires the industry with innovation and top-quality support. Designated a Top Workplace in Connecticut and a nationally Certified Great Place to Work, COCC recognizes employees as the core of our success.
Inspiring you to become extraordinary in work and life.
What we need…
We are seeking a Senior Risk Engineer to join our security team and play a critical role in shaping and enforcing our organization’s security posture. This highly visible position is ideal for a seasoned professional who thrives in designing policies, ensuring compliance, and leveraging advanced security tooling to strengthen our vulnerability management program and overall defense strategy. You will collaborate with teams to safeguard systems, mitigate risks, and drive continuous improvement in our corporate security practices.
What’s in it for you…
COCC offers a collaborative environment, career growth, and all the benefits you’d expect from an award-winning employer, including:
- Hybrid schedules and ample paid time off allowing you work/life balance and flexibility
- Customized training and onboarding to support you in your first year at COCC
- Robust employee development programs aligned with career pathing objectives
- Cutting-edge training and educational resources from vendors like SANS, Pluralsight and CBT Nuggets
- Generous PTO offerings, benefits and competitive compensation
- On-site fitness centers, wellness incentives, and lifestyle spending accounts
- Tuition Reimbursement
- One-on-one career coaching
- DEIB initiatives championing inclusion and encouraging you to bring your whole self to work
- Financial planning assistance with certified professionals
- Peer recognition programs
What you’ll do…
- Create, refine, and enforce security standards and procedures across the organization.
- Monitor and validate adherence to regulatory frameworks, industry standards, and internal policies. Identify control weaknesses, regulatory compliance issues, and potential areas of risk.
- Utilize security tools to identify, assess, and assist in the remediation of vulnerabilities across infrastructure and software applications.
- Partner with IT, security engineering, software development, and business units to embed security into processes and projects from the start.
- Evaluate emerging threats, analyze system risks, and recommend mitigation strategies for addressing those risks to the organization. Research evolving security threats, tools, and best practices to help proactively strengthen defenses.
- Participate in the regulatory review process/standard, including generating reports, executing third-party security reviews, and working with Internal Audit.
- Perform system reviews for network devices, web applications, and modern operating systems ensuring compliance with CIS.
- Work without supervision and use advanced knowledge to make judgment calls where necessary.
- Coach, mentor, and guide junior engineers and analysts on a highly collaborative team.
What you’ll bring…
- A bachelor’s degree (IT/IS preferred), or equivalent hands-on experience.
- 5–7 years in information security, risk engineering, or related field(s).
- Industry-recognized security certifications such as SecurityX, GSEC, or CISSP.
- Hands-on experience with vulnerability management tools (e.g., Qualys, Tenable, Rapid7), SIEM platforms, and compliance frameworks (NIST, SOC 2). General knowledge of FFIEC guidelines and regulations a plus.
- Strong understanding of regulatory requirements and security governance.
- Ability to assess complex systems, identify risks, and propose actionable solutions.
- Clear and effective communicator with the ability to influence stakeholders and present findings to peers as well as leadership.
- Scripting and automation capability in Python, Perl, or PowerShell. Ansible, Terraform, or n8n experience a plus.
- General knowledge of route/switch functionality, network security, and operating systems such as Windows, Linux, and macOS.
- Experience working in Cloud as well as Container environments.
- Familiarity with CI/CD security controls and container compliance.
The salary range for this position is $83,640 - $122,400.
Applicants for employment in the US must have work authorization that does not currently or in the future require sponsorship of a visa for employment authorization in the United States.
COCC is committed to maintaining a drug-free workplace. All applicants are required to pass a credit, background, and substance test prior to employment. COCC procures background and consumer reports in compliance with all Federal and State regulations, including The Fair Credit Reporting Act and applicable Department of Labor laws regarding pre-employment screens. COCC is an equal opportunity employer committed to a community of inclusion, and an environment free from discrimination, harassment, and retaliation.
Accessibility - If you’re a job seeker with a disability and require accessibility assistance or an accommodation to apply for one of our jobs, please let us know by calling 860-678-0444 or emailing TalentManagement@cocc.com. Please specify the help you need and we’ll be happy to get back to you.