• Responsible for designing, implementing, and maintaining comprehensive security solutions • Work collaboratively with cross-functional teams to identify security vulnerabilities • Respond to threats and ensure compliance with industry standards • Design, deploy, and maintain security infrastructure including firewalls, IDS, and SIEM platforms • Conduct vulnerability assessments and penetration testing • Analyze security logs and alerts to detect and investigate incidents • Develop and implement security policies, procedures, and standards • Respond to incidents by analyzing root causes and implementing remediation measures • Collaborate with IT and development teams to integrate security best practices • Monitor and evaluate emerging security threats and recommend improvements

• Develop and maintain cybersecurity and GRC strategy and long-term roadmap, with the goal of enhancing overall strategy in alignment with business objectives. • Make continuous improvements to our security strategies to protect critical assets and data. • Provide strategic decision-making and problem-solving to navigate complex security and regulatory landscapes. • Manage a comprehensive Governance, Risk, and Compliance program in support of corporate audits, client assessments, and regulatory standards such as PCI DSS, SOC 2, and ISO 27001; ensure that our company meets all internal and external audit requirements. • Conduct regular risk assessments and periodic penetration testing and vulnerability assessments to identify and mitigate potential threats to the organization's infrastructure, applications, and data. • Manage the timely creation and dissemination of security-related communications including security awareness and training announcements, security compliance policies and processes, security alerts, and event messaging. • Provide oversight in maintaining a successful collaborative relationship with our external cyber defense partner, including evaluation of service delivery performance and in alignment with BW’s cybersecurity priorities. • Provide strategic leadership during cybersecurity incidents, coordinating with IT, Legal, HR, Privacy, Communications, and other stakeholders, and act as executive-level point-of-contact. • Offer senior-level guidance in developing and improving cybersecurity governance programs, policies, standards, and secure architecture guidelines. • Oversee enterprise cybersecurity risk assessments and ensure corrective actions are prioritized and implemented effectively; provide direction for privacy and data protection initiatives. • Provide leadership, guidance, and mentorship to cybersecurity and GRC team members, drive strong performance across all initiatives and support individual and team development. • Act as a trusted advisor to senior leadership on cybersecurity risk, architecture decisions, and strategic measures. • Use metrics to evaluate and track effectiveness of security, governance, and compliance initiatives. • Leverage exceptional communication skills to translate technical requirements into actionable business solutions.

Role Description We are seeking a highly experienced and skilled Senior IT Security Engineer to join our IT Security organization in our Worcester, MA office or remote work arrangement. The Senior IT Security Engineer (SIEM & IDS/IPS Administrator) is responsible for the end‑to‑end administration, maintenance, and optimization of the organization’s on‑premise Security Information and Event Management (SIEM) platform and Intrusion Detection/Prevention Systems (IDS/IPS). This role ensures that these critical security technologies remain highly available, strategically aligned with enterprise security objectives, governed according to policy, and operating at peak effectiveness. The engineer will work closely with cybersecurity, infrastructure, and governance teams to ensure that threat detection, alerting, and response capabilities are robust, reliable, and continuously improving. This is a full time, exempt position. Responsibilities - SIEM Administration & Engineering - Manage, maintain, and optimize the on‑premise SIEM platform, including log ingestion, parsing, correlation rules, dashboards, and alerting. - Ensure SIEM availability, performance, and scalability to support enterprise security monitoring needs. - Develop and tune detection rules, correlation logic, and use cases aligned with threat intelligence and organizational risk. - Oversee log source onboarding, configuration, and validation across servers, applications, network devices, and security tools. - Conduct regular SIEM health checks, capacity planning, and lifecycle management. - IDS/IPS Administration & Engineering - Administer and maintain on‑premise IDS/IPS platforms, ensuring accurate detection and prevention of malicious activity. - Tune signatures, policies, and rulesets to reduce false positives while maintaining strong detection coverage. - Monitor IDS/IPS performance, availability, and event trends to identify anomalies or operational issues. - Coordinate with network and security teams to implement policy updates, rule changes, and architectural improvements. - Operational Excellence & Governance - Ensure both SIEM and IDS/IPS solutions are aligned with security governance frameworks, compliance requirements, and organizational policies. - Maintain documentation for system configurations, processes, runbooks, and governance controls. - Support audit activities by providing evidence, reports, and system configuration details. - Participate in incident response activities by providing SIEM/IDS/IPS insights, event analysis, and technical expertise. - Strategic Alignment & Continuous Improvement - Evaluate emerging threats and recommend enhancements to detection logic and monitoring capabilities. - Collaborate with architecture and leadership teams to align SIEM and IDS/IPS strategies with long‑term security objectives. - Identify opportunities to automate processes, improve detection fidelity, and enhance operational efficiency. Qualifications - Minimum 5 years of hands‑on experience administering, managing, and maintaining an on‑premise SIEM security solution and an on‑premise IDS/IPS security solution. - Demonstrated experience ensuring high availability, governance alignment, and operational effectiveness of security monitoring technologies. - Strong understanding of SIEM architecture, log ingestion pipelines, correlation logic, and event normalization. - Expertise with IDS/IPS technologies, signature tuning, network traffic analysis, and threat detection methodologies. - Proficiency with security log formats (syslog, JSON, CEF, LEEF, etc.). - Familiarity with network protocols, firewall rules, and enterprise network architecture. - Experience with Linux/Windows server administration as it relates to security tooling. - Ability to analyze security events, identify patterns, and support incident response. - Strong analytical and problem‑solving abilities. - Excellent communication skills for cross‑team collaboration. - Ability to work independently in a remote environment while managing multiple priorities. - Detail‑oriented mindset with a commitment to governance, documentation, and operational discipline. Preferred Qualifications - Industry certifications such as: - GIAC (GCIA, GCDA, GCED, GMON) - CompTIA Security+ / CySA+ - CISSP or equivalent - Experience with automation (Python, PowerShell, or similar). - Familiarity with threat intelligence platforms and frameworks (MITRE ATT&CK, NIST CSF). Benefits - Medical, dental, vision, life, and disability insurance - 401K with a company match - Tuition reimbursement - PTO - Company paid holidays - Flexible work arrangements - Cultural Awareness Day in support of IDE - On-site medical/wellness center (Worcester only) EEO Statement The Hanover values diversity in the workplace and among our customers. The company provides equal opportunity for employment and promotion to all qualified employees and applicants on the basis of experience, training, education, and ability to do the available work without regard to race, religion, color, age, sex/gender, sexual orientation, national origin, gender identity, disability, marital status, veteran status, genetic information, ancestry or any other status protected by law. Furthermore, The Hanover Insurance Group is committed to providing an equal opportunity workplace that is free of discrimination and harassment based on national origin, race, color, religion, gender, ancestry, age, sexual orientation, gender identity, disability, marital status, veteran status, genetic information or any other status protected by law. As an equal opportunity employer, Hanover does not discriminate against qualified individuals with disabilities. Individuals with disabilities who wish to request a reasonable accommodation to participate in the job application or interview process, or to perform essential job functions, should contact us at: HRServices@hanover.com and include the link of the job posting in which you are interested.

• Provides top-level strategic executive leadership oversight • Acts as a key advisor for the enterprise’s systems security and data integrity • Participates in the formulation of general management policy • Develops and monitors short- and long-term security standards and best practices • Provides final approval for strategic information systems security plans • Drives technology risk and change management priorities • Monitors the execution of strategic plans for disaster recovery and business continuity • Analyzes and resolves escalated IT security related issues • Directs the development and production of reporting tools, key performance metrics, and policies • Proactively addresses and resolves conflict and helps others navigate ambiguity