Security Engineer Jobs in Iowa

INTRODUCTION

BITCO Corporation is seeking a Senior IT Security Engineer (Identity & Customer Access Management) to join our home office located in Davenport, IA. As a respected specialty insurer with 11 branch offices across 10 states, BITCO delivers tailored insurance solutions to complex industries such as construction, forest products, and oil and gas. This position is open to a hybrid work arrangement, blending flexibility with meaningful in-person collaboration.

At BITCO, our work is guided by core values. We care deeply about our people, partners, and customers. We are committed to excellence and accountability. We deliver on our promises with integrity and precision, and we strive to make a meaningful impact in everything we do. These values drive our mission to protect the people and industries that keep America running.

Join the BITCO team and be part of a workplace built on collaboration, open communication, and a positive culture that supports growth and success. If you are passionate about operational excellence and ready to make a measurable impact within a growing, industry-leading organization, BITCO offers the platform and challenge you have been looking for.

Position Summary:

As part of the Cybersecurity team, the Senior IT Security Engineer will focus on maturing IAM/CIAM Services by resolving complex access issues and responding to audit requests. You will be responsible for assisting with all types of user's access policy, process, and audit needs, applying improved role definitions, and following up on compliance evidence requests. This role is an elevated position built to help build the future of IAM/CIAM practices at BITCO and provide excellent customer services while troubleshooting access issues preventing a user from performing their role.

This role is responsible for handling information technology security practices focused on Identity and Customer Identity Access Management, in addition to procedures which includes analyzing, implementing, and monitoring practices and procedures enhancing our Cybersecurity profile. This role also participates in activities with the Internal Audit department and outside auditors to ensure internal and external security requirements are implemented and maintained as required.

PRIMARY RESPONSIBILITIES:

• Review, modify, and administer identity lifecycle management processes, ensuring timely and accurate provisioning/de-provisioning of user accounts and access rights.
• Collaborate with cross-functional teams to integrate IAM/CIAM solutions with enterprise applications, directories, and infrastructure components.
• Facilitate regular access reviews and audits to ensure compliance with regulatory requirements and internal security policies.
• Evaluate business impact and risk exposure based on the level of access granted and make recommendations on where improvements should be made.
• Engage across functional teams to ensure we are implementing role-based security across all modern business applications with a minimal access-based philosophy.
• Maintain understanding of business processes to aid in managing enterprise identity and access requirements.
• Troubleshoot IAM/CIAM-related issues, investigate root causes, and work to implement corrective actions to maintain system availability and integrity.
• Develop and maintain documentation, procedures, and guidelines related to IAM/CIAM operations and processes.
• Provide IAM/CIAM technical guidance and mentorship to members of the Operations team.
• Facilitate IAM/CIAM functionality discussions with customers to increase awareness in current role and access definitions.
• Work directly with application and system owners across the organization to gather information on entitlements and access needs.
• Work directly with application and systems owners to define and document application integration requirements with Organizational Information Management.
• Participate in the recommendation, acquisition, configuration, and maturation of software/utilities used to administer, monitor, and review information technology security activities.
• Develop and maintain an understanding of various security software/utilities relationships to administer, monitor, and review security-related activities, periodically reviewing the configuration of these tools to ensure we have comprehensive security coverage.
• Facilitate the coordination and preparation of distribution of reports to I.T. management and (when required) to internal/external auditors.
• Participate in recommending and reviewing changes to internal security-related practices/documentation to ensure they are appropriate and current with business requirements and IAM/CIAM best practices. Implement or streamline new practices or procedures where necessary and update, facilitate Management review, and company adoption.
• Develop and maintain an understanding of external and internal security practices required to meet corporate and regulatory requirements involving the security, maintenance, and retention of company data records.
• Participate in and maintain the process for scheduled and unscheduled audits of information technology related security practices and procedures, maintaining a record of the results, and own the process of reporting and closing any unresolved/remediated audit findings to IT and Business management.
• Perform routine and special assignments in support of IAM/CIAM security related tasks such as internal and external password strengthening, compromised process enforcement, SSO, initiation, reset and termination, password standards testing.
• Perform other duties as assigned.

QUALIFICATIONS

• Bachelor's Degree in Computer Science, Information Systems, or Business Administration with Technology as a core component preferred.
• Certificates pertaining to IAM/CIAM and access controls preferred or related work experience.
• At least 4-7 years' experience in IAM/CIAM technology and access governance.
• Hands-on experience with IAM/CIAM platforms such as Microsoft Azure Active Directory, One Identity Manager, or similar.
• Experience in organizations experiencing large modernization changes, legacy/Technical debt retirement, and SaaS platform (Duck Creek, Kalepa, SNOW, SFDC, EDW) implementations.
• Familiarity with the following IT Security concepts is preferred:
• IT security risk and mitigation strategies
• Security frameworks
• Regulatory guidelines
• IT security logging and monitoring
• IT security monitoring tools
• Controls, best practices, and security protocols
• Operating systems, networks, and security fundamentals
• Threat knowledge
• Demonstrated ability to manage multiple priorities and projects.
• Critical thinking and problem-solving skills.
• Excellent oral and written communication skills.

BENEFITS:

• Competitive salary paired with a comprehensive benefits package.
• Generous paid time off, plus 12 paid holidays annually.
• Comprehensive health coverage, including medical, dental, and vision plans.
• Additional protection through accident, critical illness, and hospital indemnity insurance.
• Company-paid life insurance equal to 2× annual salary.
• Company-paid short-term and long-term disability coverage.
• 401(k) Savings and Profit-Sharing Plan through Old Republic.
• Ongoing education, training, and professional development opportunities.
• Support for industry certifications and insurance designations, including financial assistance.
• Flexible scheduling with a two-hour window for start and end times within a 7.5-hour workday.
• Opportunities to give back through corporate philanthropy and community service initiatives.
• Optional benefits including travel, commuter, and pet insurance.
• Employee wellness support through a dedicated fitness program.