Senior Security Engineer

Our Fortune 500 company is driving a digital transformation and looking for forward-thinking innovators to disrupt how our industry thinks about and uses technology. As one of the world's leading employee benefits providers, we help millions of people gain affordable access to benefits that help them protect their families, their finances and their futures.

Are you an asker of questions, a solver of problems, and a challenger of the status quo? Our mission is to provide a differentiated customer experience and exceed the expectations people have of technology at any company - not just insurers.

We are seeking individuals to join our team of talented IT professionals who share never-ending passion and an unwavering focus on our customer experience. Team members comfortable working in an agile, fast-paced, and delivery-focused environment thrive in our environment where we value an entrepreneurial spirit and those who challenge the status-quo.

Unum is changing, and we're excited about what's next. Join us.

General Summary:

Senior Security Engineer

Join a team where your expertise shapes enterprise-wide security strategy. We're seeking a Senior Security Engineer to lead the design and execution of cutting-edge security architecture and defense frameworks that protect critical assets across our global organization.

In this role, you'll:

Influence corporate-level security decisions

Architect and operate a depth-in-defense security framework

Drive Identity & Access Management and privileged access solutions

Collaborate with IT and business leaders to integrate secure technologies

Partner with internal and external audit teams to ensure compliance

You'll be solving complex security challenges, building scalable solutions, and helping shape the future of cybersecurity at Unum.

Job Specifications

• Bachelor's or advanced degree in computer science or related discipline preferred or comparable work experience.

• 6+ years of related work experience in information technology engineering, support or consulting experience. Preferred if two of those years was spent in networking, application development, system security or IT Audit related positions.

Demonstrated ability and success in:

• Working effectively in an ambiguous environment, functioning independently, and effectively working across geographical locations.

• Detecting and analyzing hostile and other improper actions in such an environment.

• Investigating and responding to security alerts, or new security threats with a sense of urgency.

• Strong oral and written communications skills

• Strong analytical and problem-solving skills and proactive thinking skills

• Strong Knowledge of (at least one) UNIX, Windows, Mainframe, and/or Apple Operating System vulnerabilities and secure configuration settings

• Strong Knowledge of threats and vulnerabilities associated with application and network security.

• Strong Knowledge of the principles of implementation and operation and experience with security technology such as firewalls, multi-level security implementation, security assessment, monitoring and profiles tools (e.g. IDS/IPS, SEIM, AV, Qualys, etc.), and password crackers.

• Mentor and support junior level security staff

• Develops strong partnerships with client management, business clients, application developers, software vendors and other technical resources which includes, but not limited to, legal, compliance, and privacy

• Maintain close relationships with the business to understand strategy, processes, plans and needs to help influence planning by advising on best practices, innovation/technology enablement opportunities

• Communicates effectively with business partners, customers, brokers, third party suppliers/partners, and systems resources at all levels.

• Delivers effective, high-quality solutions in a timely manner while balancing shifting priorities and, at times, accelerated timelines.

• Facilitate matching business needs and services options by leveraging knowledge of business strategy, processes, and market offerings to assist in evaluating the most appropriate products and services to meet its requirements

• Provide an overall perspective or point of clarification to partner on operational aspects of a service. Has a good overall understanding of infrastructure and application portfolios to provide guidance to service partner provider.

Technical Skills for Identity & Access Management

• Experience in implementing and supporting global Identity and Access Management solutions (Identi-ty Management, Access Management, Virtual Directory, SSO)

• Knowledge and experience on Oracle OAM ,ForgeRock OpenAM and/or other Web Access Manage-ment systems (like CA SiteMinder), and API integration

• Experience on ForgeRock OpenIDM, Oracle OIM and/or other Identity management systems

• Experience on SSO (Single-Sign-On) technologies including Cloud, SAML and federation of identities (IdP initiated and SP initiated), multi-factor authentication

• Experience on CyberArk, Enterprise Certificate Management and Enterprise Token Services technol-ogies.

• Experience with LDAP/Directory Services including Active Directory and Radiant Logic

• Experience with RACF, DB2, SQL

• Experience with Azure, O365 and AWS

• Familiar with Regulations, including, GLPA, HIPAA, GDPR, CCPA, and other Cyber Security Regulatory compliance requirements and related programs

• ISO 27001/27002 the NIST Cyber Security Framework

• CISSP, CISM, SANS, and other security related certifications a plus

Technical Skills for Cyber Security

Excellent working knowledge of one or more of the following security areas desired:

• Operating System Security (Windows, Apple, AIX, Linux, zOS)

• Internet Technologies (NNTP, Proxy, HTTP, HTTPS, HTLM, SSL, X.509)

• TCP/IP and networking (LAN/WAN/Wireless)

• Intrusion Detection and Prevention products

• Incident Response Management

• Public Key Infrastructure technologies including encryption, Kerberos, certification authorities

• Application and Network Security Assessments methodologies and tools

• General Access Control Security (Active Directory, Linux, and Mainframe security)

• IPSEC and remote access technologies

• End Point Security products (i.e. Anti-virus, Malware, Hard Drive encryption)

• Ethical Hacking, Incident Response and case management.

• Forensic tools such as Oxygen, encase, Atola Forensic equipment

• Experience in implementing and operating security technology such as firewalls, multi-level security implementation, security assessment scanners, and security monitoring tools (e.g. IDS/IPS, SEIM, AV, Qualys, etc.)

• Experience in application and network security assessment methodologies, tools, and techniques

• Experience in implementing and operating global end-point security products (anti-virus, anti-malware, hard drive encryption, DLP, etc.)

• Security Coding Standards (e.g. OWASP) and Secure Software Development Lifecycles.SOX and HIPPA compliance requirements and related programs

Familiar with Regulations, including, GLPA, HIPAA, GDPR, CCPA, and other Cyber Security Regulatory compliance requirements and related programs

• ISO 27001/27002 the NIST Cyber Security Framework

• CISSP, CISM, SANS, and other security related certifications a plus

Principal Duties and Responsibilities

Performing cyber security monitoring and security incident response, including:

• Monitors for external threats and indicators of compromise

• Responds to and leads incident response for threat alerts

• Monitors for inappropriate utilization of computer resources

• Assesses reported security threats and weaknesses.

• Provides level II support for Operations

• Participates in 24/7 on-call rotation.

• Participates in ethical hacking red team/blue team exercises.

• Performs day-to-day operations and technical support, including system upgrades, on the Unum security technology portfolio.

• Consults on the security framework to IT/Business project teams, and in day-to-day business operations.

• Consults with development and business partners on integration and security configuration for new or existing software or solutions

• Participates in the evaluation of vendor's product strategies, technology roadmaps and software enhancements, and consults on the inclusion and rollout these recommendations in the corporate security roadmap.

• Develops and consults on sound security policies and procedures.

• Assists with application and network security assessments, as assigned.

• Maintains expertise to function as subject matter expert in one or more security disciplines.

• Develops strong partnerships with business clients, application developers, software vendors and other technical resources.

• Performs other duties as assigned.

#LI-AD1

#LI-MULTI

~IN1

Our company is built on helping individuals and families, and this starts with our employees. We want employees to maintain a positive balance, which is why we provide access to the benefits and resources they need to invest in themselves. From our onsite fitness facilities and generous paid time off to employee professional development programs, we are committed to helping employees live and work their best - both inside and outside the office.

Unum is an equal opportunity employer, considering all qualified applicants and employees for hiring, placement, and advancement, without regard to a person's race, color, religion, national origin, age, genetic information, military status, gender, sexual orientation, gender identity or expression, disability, or protected veteran status.

The base salary range for applicants for this position is listed below. Unless actual salary is indicated above in the job description, actual pay will be based on skill, geographical location and experience.

$98,340.00-$201,900.00

Additionally, Unum offers a portfolio of benefits and rewards that are competitive and comprehensive including healthcare benefits (health, vision, dental), insurance benefits (short & long-term disability), performance-based incentive plans, paid time off, and a 401(k) retirement plan with an employer match up to 5% and an additional 4.5% contribution whether you contribute to the plan or not. All benefits are subject to the terms and conditions of individual Plans.

Company:

Unum