Info Security Risk Management Consultant

Our Fortune 500 company is driving a digital transformation and looking for forward-thinking innovators to disrupt how our industry thinks about and uses technology. As one of the world's leading employee benefits providers, we help millions of people gain affordable access to benefits that help them protect their families, their finances and their futures.
Are you an asker of questions, a solver of problems, and a challenger of the status quo? Our mission is to provide a differentiated customer experience and exceed the expectations people have of technology at any company — not just insurers.
We are seeking individuals to join our team of talented IT professionals who share never-ending passion and an unwavering focus on our customer

experience.Team

members comfortable working in an agile, fast-paced, and delivery-focused environment thrive in our environment where we value an entrepreneurial spirit and those who challenge the status-quo.
Unum is changing, and we’re excited about what’s next. Join us.
General Summary: This position provides support for the design, implementation and ongoing maintenance of Unum’s global information security & risk management program. This includes assisting in the development and maintenance of policies, procedures and processes needed to address the security and IT risk needs of Unum and its partners. The information security and risk management program provide security and risk management services to Unum Group. This global program provides for the secure operation of computing platforms, operating systems and networks, both voice and data, to ensure the integrity and protection of information assets and compliance with regulatory requirements.

This position contributes to strategic security decisions at the corporate level and is involved in operational planning with business partners. Additionally, this position is responsible for assisting with 3rd party/vendor risk assessments and customer contract reviews, completing prospective and existing customer information security risk assessments and/or onsite examinations. Also, this role assists as the IT audit liaison and coordinates IT audit activities between IT, internal and external audit, and other external insurance and market conduct exams. Principal Duties and Responsibilities
• Proactively consults on security, IT general controls, and SOX regulatory compliance requirements.
• Proactively consults on security requirements associated with US and UK privacy and security regulations.
• Responds, as needed, to security incidents.
• Assists in consulting, establishing, and updating the information security policies, procedures and standards.
• Develops, delivers and maintains an ongoing Information Security & Privacy Awareness program.
• Uses business knowledge to assist with and facilitate all aspects of responding to customer information security risk assessment inquiries (including working directly with customers) while managing and balancing internal and external expectations and timelines; requests proposals for new/renewal business and supports customer contract language reviews.
• Conducts comprehensive security risk assessments on 3rd party vendors as part of the Enterprise 3rd Party Risk management program and supports 3rd party contract language reviews.
• Coordinates and oversees the management and implementation of DLP technologies and processes, plays a key role in developing, maintaining, testing, and reviewing DLP detection policies and responses rules for both data exfiltration and insider threat risks.
• Supports all IT audit generated projects, including reviewing and maintaining metrics on all IT related audit findings.
• Contributes to horizontal and enterprise business strategy development by bringing forth impacts and opportunities associated with available and emerging technologies. Ensures alignment of technology goals and plans with corporate strategies.
• Supports cross-organizational IT and business functions with technical choices for a variety of large, strategic efforts by applying knowledge of Unum’s security framework and technical environment.
• Extends and establishes security standards and guidelines.
• Functions as a subject matter expert in security analysis and design across the enterprise.
• Shares security knowledge and expertise in multiple cross-organizational enterprise forums. Sphere of influence extends across the enterprise, including prospective and existing customers, 3rd party vendors, and senior level managers.
• Takes a lead role in independently and proactively proposing security solutions that address business needs across the enterprise.
• Acts as the security lead monitoring IT and SOX regulatory requirements.
• Leads compliance related projects, as assigned, performing all aspects of project management.
• Mentors IT professionals on various information security and IT controls requirements.
• Develops strong partnerships with client management, business clients, application developers, software vendors, and other technical resources which include, but are not limited to: legal, compliance and privacy.
• Maintains close relationships with the business to understand strategy, processes, plans, and needs to help influence planning by advising on best practices, innovation and technology enablement opportunities.
• Communicates effectively with business partners, customers, brokers, 3rd party suppliers, partners, and systems resources at all levels.
• Delivers effective, high-quality solutions in a timely manner while balancing shifting priorities and, at times, accelerated timelines.
• Facilitates matching business needs with services options by leveraging knowledge of business strategy, processes, and market offerings to assist in evaluating the most appropriate products and services to meet requirements.
• Performs other duties as assigned.

Job Specifications
• Bachelors or advanced degree in computer science, or related discipline
• Has 5+ years of information security, risk management, privacy, or audit experience
• Has knowledge of privacy and IT regulations such as HIPAA, GLBA and SOX
• Demonstrates knowledge of information security software, products and technologies
• Has knowledge of industry security standards and IT general control standards including NIST, CoBIT, ITIL, and ISO27002
• Demonstrates knowledge of industry standards and best practices associated with risk management methodologies such as ISACA’s IT Risk Management Framework
• Has a solid foundation in mainframe & distributed technology
• Able to take an enterprise view (see the big picture)
• Highly proficient in exercising leadership behaviors repeatedly in a variety of challenging situations that are complex, ambiguous, and have conflict
• Able to interact at all levels within the organization, including senior management
• Has strong oral and written communications and good presentation skills
• Has strong analytical stills
• Demonstrates customer service orientation & skills
• Able to take initiative, given general direction
• Has strong consulting skills
• CISSP and/or other related certifications (e.g., CIA, CISA, CISM, CRISC, CCSP) are strongly desired
#LI-DS1
#LI-Remote
#LI-Multi
IN1
Our company is built on helping individuals and families, and this starts with our employees. We want employees to maintain a positive balance, which is why we provide access to the benefits and resources they need to invest in themselves. From our onsite fitness facilities and generous paid time off to employee professional development programs, we are committed to helping employees live and work their best – both inside and outside the office.
Unum is an equal opportunity employer, considering all qualified applicants and employees for hiring, placement, and advancement, without regard to a person's race, color, religion, national origin, age, genetic information, military status, gender, sexual orientation, gender identity or expression, disability, or protected veteran status.
The base salary range for applicants for this position is listed below. Unless actual salary is indicated above in the job description, actual pay will be based on skill, geographical location and experience.
$89,400.00-$174,800.00 Additionally, Unum offers a portfolio of benefits and rewards that are competitive and comprehensive including healthcare benefits (health, vision, dental), insurance benefits (short & long-term disability), performance-based incentive plans, paid time off, and a 401(k) retirement plan with an employer match up to 5% and an additional 4.5% contribution whether you contribute to the plan or not. All benefits are subject to the terms and conditions of individual Plans.
Company:
Unum
#J-18808-Ljbffr