Security Support Specialist

Responsibilities

Risk Assessment & Customer Advisory

• Independently review and analyze the security posture of insureds and prospective insureds (SME, MM, and Large Market), providing fast, accurate, and high-quality analysis.
• Evaluate customer security programs, technologies, controls, and business environments; develop tailored, actionable recommendations and enhancements.
• Advise technical and non-technical stakeholders at customer organizations (e.g., IT Directors, CISOs, Security Engineers) on security architecture, cloud security, and control effectiveness, translating complex technical risks and security concepts into clear business impact and concise executive-level summaries for non-technical audiences.
• Assess and clearly quantify and qualify security risk to enable underwriting and project leadership decisions, driving initiatives that reduce overall risk across the portfolio.

Technical Support

• Provide technical support for Coalition’s security products via ticketing system and scheduled phone calls with policyholders and prospective policyholders.
• Rapidly become a Subject Matter Expert on these security products, guiding users on how to properly leverage product capabilities and providing feedback to the Product and Engineering organizations to improve the products.

Security Leadership

• Participate in the Claims Feedback Loop (CFL) process to identify missing domains, root-cause claim indicators, and patterns in events; recommend process and control improvements to prevent future claims.
• Participate in Zero Day Alert Outreach activities to notify policyholders about emerging threats detected on their attack surface.
• Use your understanding of applied security concepts to independently assess and interpret scanning and security finding data for organizations of all sizes.
• Identify deficiencies and gaps in external scanning data (coverage, depth, breadth, and types of scans); recommend and help prioritize improvements to internal tooling and scanning strategies.

Process, Product, Communication, Leadership, and Culture

• Create, maintain, and enhance team documentation, runbooks, and knowledge bases to support consistency, scalability, and quality across the team.
• Lead and be directly responsible for team initiatives and projects related to toolset enhancement, process changes, methodology updates, and cross-functional improvements.
• Represent Coalition as an expert to policyholder security leaders, articulating complex security findings and recommendations in accessible language.
• Mentor peers, contribute to team and department goals, and help create new solutions lead by example in upholding Coalition’s Kultura values.

Skills and Qualifications

• 4+ years of hands-on security analysis, security engineering, incident response, security product support or related experience, ideally including exposure to mid-market and large enterprise environments.
• Demonstrated understanding of the lifecycle of network threats, attack vectors, and methods of exploitation, including common TTPs and how they manifest in real-world environments.
• Proven ability to independently assess and clearly quantify and qualify security risk for complex organizations, and to translate technical risk into business terms.
• Demonstrated experience advising technical stakeholders (e.g., IT/Security leadership) and tailoring recommendations to their environment and risk tolerance.
• Experience working with or administering security support tooling (e.g., vulnerability scanners, SIEM, log analysis tools, external scanning platforms), with the ability to quickly achieve SME level in Coalition’s stack.
• Strong interpersonal communication skills (verbal and written), including the ability to communicate complex technical concepts clearly to both technical and non-technical audiences.
• Self-motivated and comfortable working in a fast-paced, dynamic, and often ambiguous environment, with the ability to work independently with a high degree of autonomy while collaborating effectively across teams and managing multiple tasks and projects simultaneously.
• Bachelor’s degree in Computer Science, Information Security, Engineering, or a related field, or equivalent practical experience.

Bonus Points

• Experience with common offensive and assessment tools such as Nmap, Nessus, Nexpose, Qualys, Burp Suite, Kali Linux, Metasploit, Meterpreter, Impacket.
• Experience securing cloud-based platforms (AWS, Azure, GCP), including system hardening procedures for Windows, Linux, and Unix.
• Programming or scripting experience (e.g., Python, Go, Bash) to build or extend security tools, automate analysis, and integrate with industry frameworks and APIs.
• Experience with SCADA / industrial control systems (ICS) networks.
• Prior experience in cyber insurance, risk scoring, underwriting support, or security consulting for insurers or financial services is a plus.

Compensation

• The US base salary for this position ranges from $100,000/year in our lowest geographic market up to $153,400/year in our highest geographic market.