Cyber Security Analyst II

Our Fortune 500 company is driving a digital transformation and looking for forward-thinking innovators to disrupt how our industry thinks about and uses technology. As one of the world's leading employee benefits providers, we help millions of people gain affordable access to benefits that help them protect their families, their finances and their futures.

Are you an asker of questions, a solver of problems, and a challenger of the status quo? Our mission is to provide a differentiated customer experience and exceed the expectations people have of technology at any company - not just insurers.

We are seeking individuals to join our team of talented IT professionals who share never-ending passion and an unwavering focus on our customer experience. Team members comfortable working in an agile, fast-paced, and delivery-focused environment thrive in our environment where we value an entrepreneurial spirit and those who challenge the status-quo.

Unum is changing, and we're excited about what's next. Join us.

General Summary:
Individuals in the Security Analyst II role provide complex security administration and operational support for security engineers, architects, internal/external auditors, business users, contractors and vendors, as well as IT staff. These services include performing the more complex and technical security access administration and/or cyber operational tasks. The Security Analyst II is seen as being a strong technical subject matter expert within their area of responsibility. This position provides oversees the more complex daily security administration operations, acts as a mentor, and regularly provides guidance and training to less experienced members of staff.

They assist in the creation and operation of an information security framework that defines the technology, policies, procedures and processes needed to address the security needs of Unum and its partners. The information security framework will provide security services to and complement the information technology architecture, as well as integrate with each business' architecture. This framework will provide security for the operation of user access, applications, computing platforms, operating systems, and networks, both voice and data, to ensure the integrity of information assets.

Job Specifications

• Bachelors or advanced degree in computer science, or comparable work experience
• Has 4+ years of related work experience in information technology engineering, support or consulting. It's preferred if two of those years were spent in networking, application development, system security or IT audit related positions
• Demonstrates success in:
• Working effectively in an ambiguous environment and across geographical locations, and functioning independently,
• Detecting and analyzing hostile and other improper actions in such an environment
• Investigating and responding to security alerts, or new security threats with a sense of urgency
• Delivers effective, high-quality solutions in a timely manner while balancing shifting priorities and, at times, accelerated timelines
• Facilitates matching business needs and services options by leveraging knowledge of business strategy, processes, and market offerings to assist in evaluating the most appropriate products and services to meet requirements
• Maintains close relationships with the business to understand strategy, processes, plans, and needs to help influence planning by advising on best practices, innovative technology, and enablement opportunities
• Communicates effectively with business partners, customers, brokers, third party suppliers/partners, and systems resources at all levels.
• Demonstrates strong analytical and problem-solving skills and proactive thinking skills
• Has strong oral and written communications skills

Principal Duties and Responsibilities

• Partners with security engineers to assist in the evaluation vendor product strategies and future product statements and advise, which will be most appropriate to pursue.
• Participates in the implementation and maintenance of sound security policies, procedures and standards spanning across some or all functional areas of security configurations, non-functional security requirements, endpoint protection, data loss prevention, identity and access management capabilities, cloud, cyber security, and security certificate & key management technologies.
• Participates on security projects and program development as assigned, performing and contributing to all aspects of the project.
• Develops partnerships and consults with business partners on integration and security configuration for new or existing software or solutions.
• Participates in the evaluation of vendor product strategies, technology roadmaps, and software enhancements. Consults on the inclusion and rollout of these recommendations in the corporate security roadmap.
• Provides support for the security tool portfolio and processes.
• Provides level II support to the associates and security analysts.
• Uses knowledge of Unum's security framework, technical environment, and cross-organizational IT functions to make security decisions and recommendations.
• Perform cyber security event analysis and generate timeline in order to ascertain the root cause of observed activity and where required, execute remedial actions to mitigate any threats
• Triage, investigate, and respond to alerts coming into the security event observability platforms including the SIEM
• Contribute to cyber threat hunting and detection engineering efforts
• Exercises leadership behaviors in situations that are moderate in terms of complexity, ambiguity, and dependencies.
• Provides system upgrade support for the EISRM technology portfolio.
• Provides technical and troubleshooting support for the Operations team.
• Participates in 24/7 on-call rotation.
• Performs other duties as assigned.

Technical Skills for Identity & Access Management

• Experience in supporting global identity and access management solutions (Identity Management, Access Management, Virtual Directory, SSO)
• Experience on ForgeRock OpenIDM, Oracle OIM and/or other Identity management systems
• Experience on SSO (Single-Sign-On) technologies including Cloud, SAML and federation of identities (IdP initiated and SP initiated), multi-factor authentication
• Experience on CyberArk, Enterprise Certificate Management and Enterprise Token Services technologies.
• Experience with LDAP/Directory Services including Active Directory and Radiant Logic
• Experience with RACF, DB2, SQL
• Experience with Azure, O365 and AWS
• Familiar with regulations, including, GLPA, HIPAA, GDPR, CCPA, and other cyber security regulatory compliance requirements and related programs
• ISO 27001/27002 the NIST Cyber Security Framework
• CISSP, CISM, SANS, and other security related certifications are a plus

Technical Skills for Cyber Security

• Excellent working knowledge of one or more of the following security areas:
• Experience with CrowdStrike Crowdstrike NG-SIEM
• Operating System Security (Windows, Apple, AIX, Linux, zOS)
• Internet Technologies (NNTP, Proxy, HTTP, HTTPS, HTLM, SSL, X.509)
• TCP/IP and networking (LAN/WAN/Wireless)
• Intrusion detection and prevention products
• Incident response management
• Public key infrastructure technologies including encryption, Kerberos, certification authorities
• General access control security (Active Directory, Linux, and Mainframe security)
• IPSEC and remote access technologies
• Ethical hacking, Incident Response and case management.
• Forensic tools such as Oxygen, encase, Atola Forensic equipment
• Experience in implementing and operating security technology such as firewalls, multi-level security implementation, security assessment scanners, and security monitoring tools (e.g. IDS/IPS, SEIM, AV, Qualys, etc.)
• Experience in application and network security assessment methodologies, tools, and techniques
• Experience in implementing and operating global end-point security products (anti-virus, anti-malware, hard drive encryption, DLP, etc.)
• Security Coding Standards (e.g. OWASP) and Secure Software Development Lifecycles.

#LI-TO1

~IN1

#LI-MULTI

Our company is built on helping individuals and families, and this starts with our employees. We want employees to maintain a positive balance, which is why we provide access to the benefits and resources they need to invest in themselves. From our onsite fitness facilities and generous paid time off to employee professional development programs, we are committed to helping employees live and work their best - both inside and outside the office.

Unum is an equal opportunity employer, considering all qualified applicants and employees for hiring, placement, and advancement, without regard to a person's race, color, religion, national origin, age, genetic information, military status, gender, sexual orientation, gender identity or expression, disability, or protected veteran status.

The base salary range for applicants for this position is listed below. Unless actual salary is indicated above in the job description, actual pay will be based on skill, geographical location and experience.
$73,300.00-$150,500.00

Additionally, Unum offers a portfolio of benefits and rewards that are competitive and comprehensive including healthcare benefits (health, vision, dental), insurance benefits (short & long-term disability), performance-based incentive plans, paid time off, and a 401(k) retirement plan with an employer match up to 5% and an additional 4.5% contribution whether you contribute to the plan or not. All benefits are subject to the terms and conditions of individual Plans.

Company:
Unum