Director, IT Security and Delivery - Hybrid

Our Fortune 500 company is driving a digital transformation and looking for forward-thinking innovators to disrupt how our industry thinks about and uses technology. As one of the world's leading employee benefits providers, we help millions of people gain affordable access to benefits that help them protect their families, their finances and their futures.

Are you an asker of questions, a solver of problems, and a challenger of the status quo? Our mission is to provide a differentiated customer experience and exceed the expectations people have of technology at any company — not just insurers.

We are seeking individuals to join our team of talented IT professionals who share never-ending passion and an unwavering focus on our customer experience. Team members comfortable working in an agile, fast-paced, and delivery-focused environment thrive in our environment where we value an entrepreneurial spirit and those who challenge the status-quo.

Unum is changing, and we’re excited about what’s next. Join us.

General Summary:

As the IT Security Director, you be partnering in the design, deployment and maintenance of a global information security program that addresses security needs and regulatory requirements for Unum. Additionally, you will play a pivotal role in monitoring phishing activities, conducting training programs, and ensuring Security Assurance across all departments.

This is a great opportunity within both the Project Management and Security space, as this is a 50/50 split.

If you have a track record of delivering results in the security field, a strong background in project management, particularly in large-scale programs and managing PMOs, we encourage you to submit your resume!

This is a hybrid opportunity, combining the benefits of in-office collaboration with the flexibility of remote work. The opportunity entails 3 days in the office and two days remote per week. This approach optimizes productivity, fosters collaboration, and promotes work-life balance.

Principal Duties and Responsibilities

Leads functional team(s) to successfully build, enhance, transform, or support security technology and/or secure business services by successfully delivering on outcomes.

Engages in strategic planning with business and IT stakeholders, to provide direction, guidance or recommendations on technology, and architectural considerations.

Actively participates in the definition of a security portfolio of change and roadmaps. Engages and influences IT and business leaders to ensure the portfolio will deliver agreed business objectives.

Collaborating with IT leadership across various disciplines, provides guidance, direction or recommendations to address a wide range of business and technology needs, with emphasis on optimized, timely and successful delivery.

In collaboration with their manager, initiates and influences relationships with and between key stakeholders in management, and implements IT plans, acts as a point of contact for stakeholders, planners, designers, and operational business partners.

In partnership with practice leaders, drives application of the company’s technical and architectural roadmap objectives.

Leverages deep understanding of IT, emerging technologies, and technical capabilities to guide and influence stakeholders and teams in developing solutions, build, deployment, testing and ongoing management of IT services.

Takes bold action to ensure there is a strong, diverse talent and leadership pipeline in place to meet aggressive business goals. Develops, coaches and engages people to higher levels of performance.

Understands the needs of a self-organizing team (cross-functioning, partners with the business, collaborative, works quickly and unencumbered, be empowered and autonomous, be able to focus on self-improvement) and supports the management activities that make self-organization successful.

Understands patterns and trends that contribute to utilizing key performance indicators and critical success factors that will improve the performance of the organization.

Continually monitors security trends, the threat landscape, regulatory requirements and industry best practices.

Job Specifications

Bachelors degree in computer science, or relevant technical experience

Has 8+ years’ experience in an IT field, or equivalent relevant work experience

Prior management experience is preferred

Demonstrates leadership in executing IT plans successfully that enable technical or business capabilities and address technology or business priorities

Has strong understanding of Agile/Lean leadership principles

Exhibits courage by taking smart risks and encouraging others to do so; empowers innovative approaches by motivating others to be proactive and resourceful

Has proven and demonstrated knowledge and skills in one or more technologies or industries

Able to apply broad business and technology understanding of internal and external trends and capabilities to ensure successful implementation of IT plans

Able to communicate a compelling vision and need for change that generates excitement, enthusiasm and commitment to the process

Demonstrates strategic and critical thinking capability

Interacts with others, internally and externally, in a way that gives them confidence in their intentions and those of the organization

Understands the business case for each deliverable undertaken and works with their manager and product owner to help ensure benefits are realized

Has strong planning, communication and presentation skills, and the capability to listen and influence

Has in-depth knowledge of regulations, including, GLPA, HIPAA, GDPR, CCPA, and other cyber security regulatory compliance requirements and related programs

Has in-depth knowledge of security and control frameworks such as NIST Cyber Security Framework; ISO 17799/27001, CobIT and ITIL

CISSP, CISM, CISA, SANS, and other security related certifications a plus

Technical Skills for Identity & Access Management

Experience in implementing and supporting global identity and access management solutions (Identity Management, Access Management, Virtual Directory, SSO)

Knowledge and experience on Oracle OAM ,ForgeRock OpenAM and/or other Web Access Management systems (like CA SiteMinder), and API integration

Experience on ForgeRock OpenIDM, Oracle OIM and/or other identity management systems

Experience on SSO (Single-Sign-On) technologies including Cloud, SAML and federation of identities (IdP initiated and SP initiated), multi-factor authentication

Experience on CyberArk, Enterprise Certificate Management and Enterprise Token Services technologies

Experience with LDAP/Directory Services including Active Directory and Radiant Logic

Experience with RACF, DB2, SQL

Experience with Azure, O365 and AWS

Familiar with regulations, including, GLPA, HIPAA, GDPR, CCPA, and other cyber security regulatory compliance requirements and related programs

ISO 27001/27002 the NIST Cyber Security Framework

Technical Skills for Cyber Security

Excellent working knowledge of one or more of the following security areas:

Operating System Security (Windows, Apple, AIX, Linux, zOS)

Internet Technologies (NNTP, Proxy, HTTP, HTTPS, HTLM, SSL, X.509)

TCP/IP and networking (LAN/WAN/Wireless)

Intrusion detection and prevention products

Incident response management

Public key infrastructure technologies including encryption, Kerberos, certification authorities

Application and network security assessments methodologies and tools

General access control security (Active Directory, Linux, and Mainframe security)

IPSEC and remote access technologies

End-point security products (i.e. Anti-virus, Malware, Hard Drive encryption)

Ethical hacking, incident response and case management

Forensic tools such as Oxygen, encase, Atola Forensic equipment

Experience in implementing and operating security technology such as firewalls, multi-level security implementation, security assessment scanners, and security monitoring tools (e.g. IDS/IPS, SEIM, AV, Qualys, etc.)

Experience in application and network security assessment methodologies, tools, and techniques

Experience in implementing and operating global end-point security products (anti-virus, anti-malware, hard drive encryption, DLP, etc.)

Security Coding Standards (e.g. OWASP) and Secure Software Development Lifecycles.SOX and HIPPA compliance requirements and related programs

#LI-TS1

#LI-MULTI

#LI-HYBRID

~IN1

Our company is built on helping individuals and families, and this starts with our employees. We want employees to maintain a positive balance, which is why we provide access to the benefits and resources they need to invest in themselves. From our onsite fitness facilities and generous paid time off to employee professional development programs, we are committed to helping employees live and work their best – both inside and outside the office.

Unum is an equal opportunity employer, considering all qualified applicants and employees for hiring, placement, and advancement, without regard to a person's race, color, religion, national origin, age, genetic information, military status, gender, sexual orientation, gender identity or expression, disability, or protected veteran status.

The base salary range for applicants for this position is listed below. Unless actual salary is indicated above in the job description, actual pay will be based on skill, geographical location and experience.

$109,100.00-$213,300.00

Additionally, Unum offers a portfolio of benefits and rewards that are competitive and comprehensive including healthcare benefits (health, vision, dental), insurance benefits (short & long-term disability), performance-based incentive plans, paid time off, and a 401(k) retirement plan with an employer match up to 5% and an additional 4.5% contribution whether you contribute to the plan or not. All benefits are subject to the terms and conditions of individual Plans.

Company:

Unum