Skip to main content
O

Security Engineer

Old Republic

Location

Remote

Salary

Not specified

Type

fulltime

Posted

Today

via linkedin

Job Description

Reports To

: Manager, Security Engineering

Department:

Information Services

Location/Schedule

: Remote

Classification:

Full-Time /Exempt

Who We Are:

Old Republic is a leading specialty insurer that operates diverse property \& casualty and title insurance companies. Founded in 1923 and a member of the Fortune 500, we are a leader in underwriting and risk management services for business partners across the United States and Canada. Our specialized operating companies are experts in their fields, enabling us to provide tailored solutions that set us apart.

Position Overview:

The Security Engineer will play a key role in improving the organization’s overall security posture across cloud environments, applications, and enterprise platforms. This role partners closely with engineering, architecture, and development teams to design secure systems, implement and automate security controls, and provide expert consulting on secure design practices. The engineer will contribute across multiple domains, including application security, cloud security, and system design - helping to define security standards, integrate and optimize tooling, and ensure that services are built and maintained securely. This role will also act as a trusted advisor to teams across the organization, providing guidance on secure architecture, emerging risks (including AI/ML systems), and best practices.

Essential Job Functions

:

  • Drive security standards, best practices, and tool strategies across cloud platforms, applications, and enterprise systems.
  • Partner with engineering and architecture teams to design secure systems and applications from the ground up.
  • Perform security architecture reviews, threat modeling, and design consulting for new and existing systems.
  • Support both application security and cloud security initiatives, including secure coding, infrastructure security, and identity controls.
  • Assess current security posture across applications and cloud environments and recommend actionable remediation strategies.
  • Design and implement solutions for vulnerability management, including scanning of applications, operating systems, containers, APIs, and infrastructure-as-code (IaC).
  • Analyze findings from security tools and penetration tests; partner with teams to prioritize and remediate risks.
  • Support and perform penetration testing and security assessments across applications and cloud environments.
  • Develop and apply security controls that protect applications, cloud workloads, identities, APIs, and data.
  • Integrate security into CI/CD pipelines and engineering workflows to enable secure-by-default development practices.
  • Build automations to detect misconfigurations, enforce security standards, and improve operational efficiency.
  • Serve as a subject matter expert across multiple security domains, including cloud, application, and emerging areas such as AI security.
  • Provide consulting and guidance to product, engineering, and business teams in a clear, actionable manner.
  • Collaborate with governance, risk, and compliance teams to align engineering controls with organizational requirements.
  • Support the broader Security Engineering team with development and optimization of security tooling and processes.
  • Stay current on emerging threats, vulnerabilities, and technologies, and recommend improvements to the security program.

Qualifications:

  • 3–6 years of experience in cybersecurity, security engineering, application security, or cloud security roles.
  • Bachelor’s degree in computer science, Information Systems, or a related field (or equivalent practical experience).
  • Experience with at least one major cloud platform (AWS, Azure, or GCP) in a production environment.
  • Experience in application security practices, such as secure code review, threat modeling, or SAST/DAST tools.
  • Understanding of secure system design principles, including authentication/authorization, data protection, and service-to-service communication.
  • Familiarity with cloud and application security tooling (e.g., CNAPP/CSPM, SAST, DAST, container security, secrets management).
  • Experience performing or supporting penetration testing and vulnerability assessments.
  • Knowledge of modern architectures, including microservices, APIs, containers, and serverless technologies.
  • Experience integrating security into CI/CD pipelines and developer workflows.
  • Proficiency in scripting or programming for automation (e.g., Python, PowerShell, or similar).
  • Strong understanding of security risks and mitigation strategies across both application and infrastructure layers.
  • Demonstrated ability to collaborate cross-functionally and influence secure design decisions.
  • Excellent communication skills, including the ability to translate technical risks into business-friendly language.

ORI is an Equal Opportunity Employer. ORI provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Looking for more opportunities?

Browse thousands of graduate jobs and entry-level positions.

All JobsSoftware Engineer JobsData Scientist JobsCareer Tips
Browse All Jobs
More JobsApply Now