
Job posting has expired


Information Security Operations Analyst II (Information Technology)

James River Management Company
United States
6641 West Broad Street
Jul 02, 2025

Come grow with James River Insurance!

James River Insurance is an excess and surplus lines segment of James River Group Holdings, Ltd. and operates on an approved non-admitted basis in 50 states and Washington, DC. Since 2003, James River has provided thousands of commercial property and casualty customers with innovative and creative solutions for particular insurance needs.

At James River Insurance, we are committed to providing a stable and rewarding work environment supported by our Core Values and Guiding Principles: Integrity, Accountability, Innovation, Customer Service, Communication, and Teamwork. We are proud to have been recognized for the past 5 years as one of the Top Workplaces USA.

James River Group Holdings, Ltd. is a Bermuda-based insurance holding company which owns and operates a group of specialty insurance and reinsurance companies. The Company operates in two specialty property and casualty insurance segments: Excess and Surplus Lines and Specialty Admitted Insurance. The Company tends to focus on accounts associated with small or medium-sized businesses in each of its segments. Each of the Company's regulated insurance subsidiaries is rated "A-" (Excellent) by A.M. Best Company.

Job Summary

The Information Security Operations Analyst II plays a critical role in both the engineering and analytical aspects of securing the company's systems and data. This position combines hands-on technical work with in-depth analysis, supporting a broad range of responsibilities including threat intelligence, vulnerability management, incident response, and the design, implementation, and tuning of defensive security controls. In this role, you will engage in engineering tasks such as building and optimizing detection mechanisms, automating response processes, and maintaining security infrastructure. Simultaneously, you will apply analytical thinking to investigate security events, assess risk, interpret threat intelligence, and guide tactical decision-making. The Security Operations Analyst II regularly collaborates with IT and business stakeholders to drive measurable cybersecurity improvements and serves as an escalation point for complex incidents and investigations. To remain effective, you'll stay informed on the latest cybersecurity trends, tools, and tactics, continuously adapting defenses to meet evolving threats.

Duties and Responsibilities



  • Continually exhibit and uphold Core Values of Integrity, Accountability, Communication and Teamwork, Innovation and Customer Service
  • Continuously monitor security alerts and events from various sources, including network and application services, endpoint and SIEM tools, etc. to identify potential security incidents and anomalies
  • Investigate and analyze security incidents to determine their nature, scope, and impact, taking immediate action to contain, mitigate, and remediate security breaches to minimize damage
  • Stay informed about emerging cybersecurity threats, vulnerabilities, and attack techniques, using threat intelligence to proactively identify potential threats and vulnerabilities, and take measures to prevent them
  • Maintain detailed records of security incidents, their causes, and the actions taken for analysis, reporting, and compliance purposes, generating and submitting reports to management and stakeholders, as necessary
  • Manage and maintain security technologies, including SIEM systems, vulnerability management systems, endpoint and network security systems
  • Maintain awareness of information security best practices and communicate their applicability within the Information Security Office and IT organization
  • Partner with the Security Operations team and management to conduct security assessments to ensure that management, operational, and technical security controls are properly implemented and maintained
  • Lead the refinement of security processes, procedures, and policies
  • Support business units and staff, communicating applicable policies and standards, as well as escalating to Information Security management when appropriate
  • Consult with various areas of the business as an information risk subject matter expert
  • Serve as a mentor and trainer for Information Security Operations Analyst I under the direction of management
  • Serve as an escalation point by guiding and helping team members with project issues



Knowledge, Skills and Abilities



  • Intermediate to advanced experience with the design, implementation and maintenance of SIEM platforms
  • Intermediate to advanced experience with threat intelligence and incident response, including MITRE ATT&CK, threat hunting and building automated and process-oriented response pipelines
  • Intermediate knowledge of foundational cybersecurity policy, compliance, and risk management principles, IT service management, the systems development lifecycle, and Agile methodologies
  • Ability to think laterally and innovatively while implementing security improvements that suit business risk tolerance
  • Methodical, data-driven approach to security and risk analysis
  • Ability to convey technical process information in a clear and concise manner
  • Strong desire for continuous improvement
  • Ability to identify, recommend and implement innovative solutions
  • Ability to partner with senior team members to write policies, procedures, and assessments
  • Proactive and results-driven work ethic
  • Excellent organizational skills
  • Solid written, verbal, and presentation skills
  • Ability to successfully prioritize and manage deadlines
  • Ability to effectively communicate with peers and senior staff
  • Ability to organize complex information, pay close attention to detail and handle multiple tasks



Experience and Education



  • Bachelor's Degree in related field (IT, IS, Computer Science or Engineering) or equivalent combination of education, training and relevant experience required
  • Minimum of five years of related experience (security operations, vulnerability management, incident response, etc.) required
  • Advanced certifications (CISSP, GSEC, CCSP, etc.) strongly preferred


