Senior Cybersecurity Analyst

Our Fortune 500 company is driving a digital transformation and looking for forward-thinking innovators to disrupt how our industry thinks about and uses technology. As one of the world's leading employee benefits providers, we help millions of people gain affordable access to benefits that help them protect their families, their finances and their futures.

Are you an asker of questions, a solver of problems, and a challenger of the status quo? Our mission is to provide a differentiated customer experience and exceed the expectations people have of technology at any company - not just insurers.

We are seeking individuals to join our team of talented IT professionals who share never-ending passion and an unwavering focus on our customer experience. Team members comfortable working in an agile, fast-paced, and delivery-focused environment thrive in our environment where we value an entrepreneurial spirit and those who challenge the status-quo.

• Bachelors or advanced degree in computer science, or comparable work experience
• Has 5+ years of related work experience in information technology engineering, support or consulting. It's preferred if two of those years were spent in networking, application development, system security or IT audit related positions
• Experience in Cybercrimes is preferred.
• Working effectively in an ambiguous environment and across geographical locations, and functioning independently,
• Detecting and analyzing hostile and other improper actions in such an environment
• Investigating and responding to security alerts, or new security threats with a sense of urgency
• Delivers effective, high-quality solutions in a timely manner while balancing shifting priorities and, at times, accelerated timelines
• Facilitates matching business needs and services options by leveraging knowledge of business strategy, processes, and market offerings to assist in evaluating the most appropriate products and services to meet requirements
• Maintains close relationships with the business to understand strategy, processes, plans, and needs to help influence planning by advising on best practices, innovative technology, and enablement opportunities
• Communicates effectively with business partners, customers, brokers, third party suppliers/partners, and systems resources at all levels.
• Demonstrates strong analytical and problem-solving skills and proactive thinking skills
• Has strong oral and written communications skills

• Partners with security engineers to assist in the evaluation vendor product strategies and future product statements and advise, which will be most appropriate to pursue.
• Focus on Cybercrime and Cybercrime activity.
• Participates in the implementation and maintenance of sound security policies, procedures and standards spanning across some or all functional areas of security configurations, non-functional security requirements, endpoint protection, data loss prevention, identity and access management capabilities, cloud, cyber security, and security certificate & key management technologies.
• Participates on security projects and program development as assigned, performing and contributing to all aspects of the project.
• Develops partnerships and consults with business partners on integration and security configuration for new or existing software or solutions.
• Participates in the evaluation of vendor product strategies, technology roadmaps, and software enhancements. Consults on the inclusion and rollout of these recommendations in the corporate security roadmap.
• Provides support for the security tool portfolio and processes.
• Provides level II support to the associates and security analysts.
• Uses knowledge of Unum's security framework, technical environment, and cross-organizational IT functions to make security decisions and recommendations.
• Exercises leadership behaviors in situations that are moderate in terms of complexity, ambiguity, and dependencies.
• Provides system upgrade support for the EISRM technology portfolio.
• Provides technical and troubleshooting support for the Operations team.
• Participates in 24/7 on-call rotation.
• Performs other duties as assigned.

• Experience in supporting global identity and access management solutions (Identity Management, Access Management, Virtual Directory, SSO)
• Experience on ForgeRock OpenIDM, Oracle OIM and/or other Identity management systems
• Experience on SSO (Single-Sign-On) technologies including Cloud, SAML and federation of identities (IdP initiated and SP initiated), multi-factor authentication
• Experience on CyberArk, Enterprise Certificate Management and Enterprise Token Services technologies.
• Experience with LDAP/Directory Services including Active Directory and Radiant Logic
• Experience with RACF, DB2, SQL
• Experience with Azure, O365 and AWS
• Familiar with regulations, including, GLPA, HIPAA, GDPR, CCPA, and other cyber security regulatory compliance requirements and related programs
• ISO 27001/27002 the NIST Cyber Security Framework
• CISSP, CISM, SANS, and other security related certifications are a plus

• Excellent working knowledge of one or more of the following security areas:
• Operating System Security (Windows, Apple, AIX, Linux, zOS)
• Internet Technologies (NNTP, Proxy, HTTP, HTTPS, HTLM, SSL, X.509)
• TCP/IP and networking (LAN/WAN/Wireless)
• Intrusion detection and prevention products
• Incident response management
• Public key infrastructure technologies including encryption, Kerberos, certification authorities
• General access control security (Active Directory, Linux, and Mainframe security)
• IPSEC and remote access technologies
• Ethical hacking, Incident Response and case management.
• Forensic tools such as Oxygen, encase, Atola Forensic equipment
• Experience in implementing and operating security technology such as firewalls, multi-level security implementation, security assessment scanners, and security monitoring tools (e.g. IDS/IPS, SEIM, AV, Qualys, etc.)
• Experience in application and network security assessment methodologies, tools, and techniques
• Experience in implementing and operating global end-point security products (anti-virus, anti-malware, hard drive encryption, DLP, etc.)
• Security Coding Standards (e.g. OWASP) and Secure Software Development Lifecycles.SOX and HIPPA compliance requirements and related programs