Job Information
UNUM Security Analyst I - Incident Management (Hybrid opportunity) in Portland, Maine
Our Fortune 500 company is driving a digital transformation and looking for forward-thinking innovators to disrupt how our industry thinks about and uses technology. As one of the world's leading employee benefits providers, we help millions of people gain affordable access to benefits that help them protect their families, their finances and their futures.
Are you an asker of questions, a solver of problems, and a challenger of the status quo? Our mission is to provide a differentiated customer experience and exceed the expectations people have of technology at any company — not just insurers.
We are seeking individuals to join our team of talented IT professionals who share never-ending passion and an unwavering focus on our customer experience. Team members comfortable working in an agile, fast-paced, and delivery-focused environment thrive here, where we value an entrepreneurial spirit and those who challenge the status quo.
Unum is changing, and we’re excited about what’s next. Join us.
General Summary:
Unum is seeking a skilled and proactive Security Analyst specializing in Incident Management to join our dynamic IT Security team. In this critical role, you will be responsible for detecting, analyzing, and responding to security incidents, ensuring the integrity and resilience of our organization's information systems. If you have a passion for cybersecurity, strong analytical abilities, and a drive for continuous improvement, we want to hear from you.
Job Specifications
Bachelor's degree, or equivalent experience
Has 2+ years of related work experience
GIAC Certified Incident Handler Certification (GCIH) is helpful
Demonstrates a working knowledge of corporate, industry and professional standards, e.g. ITIL, and Agile methodology
Demonstrates experience in:
Microsoft environment including Wintel/Distributed Environment/Active Directory, Windows Operating Systems, Windows Server Operating Systems, Exchange/Outlook, SharePoint, SQL
IBM Mainframe and Middleware environments including RACF, WebSphere, MQ, DB2, IMS, Linux, AIX
Identity and access management tools and processes (Oracle, iAcces, My Access, Quest/Dell)
Has strong understanding of the following security technologies:
RACF, TSO, TPX, JCL
Active Directory, AD Users and Groups, Hyena, Quest/Dell Active Roles, PowerShell
Proficient in the following requirements and concepts:
Audit and compliance requirements
Network security concepts and high level risks
Access review program and related SOS/SOX/SOC processes and requirements
Self-motivated, results oriented and organized
Demonstrates strong focus on quality delivery and delighting customers; holds self to high standards of delivery
Demonstrates good oral and written communication skills; able to communicate effectively with systems associates at all levels
Strong team player; able to work effectively within a team and more broadly with people from a variety of backgrounds and areas across the organization
Able to effectively handle multiple assignments, work under minimal direction, and deal effectively with changing business priorities and conflicts
Promotes team collaboration
Technical Skills for Incident Management:
Experience with SSO (Single Sign-On) technologies including cloud, SAML and federation of identities (IdP-initiated and SP-initiated), multi-factor authentication
Experience with LDAP/Directory Services including Active Directory
Experience with RACF, DB2, SQL
Experience with Azure, O365 and AWS
Familiar with regulations, including GLBA, HIPAA, GDPR, CCPA, and other cyber security regulatory compliance requirements and related programs
ISO 27001/27002 and the NIST Cyber Security Framework
CISSP, CISM, SANS, and other security related certifications are a plus
Intermediate to advanced understanding of cybersecurity risk methodologies
Technical Skills for Cyber Security
Operating System Security (Windows, Apple, AIX, Linux, z/OS)
Internet Technologies (NNTP, Proxy, HTTP, HTTPS, HTLM, SSL, X.509)
TCP/IP and networking (LAN/WAN/Wireless)
Intrusion detection and prevention products
Cybersecurity Incident management
Public key infrastructure technologies including encryption, Kerberos, certification authorities
General access control security (Active Directory, Linux, and Mainframe security)
End-point security products (i.e. Anti-virus, Malware, Hard Drive encryption)
Ethical hacking, incident response and case management
Forensic tools such as Oxygen, EnCase, Atola Forensic equipment
Experience in application and network security assessment methodologies, tools, and techniques
Familiar with regulations, including GLBA, HIPAA, GDPR, CCPA, and other cyber security regulatory compliance requirements and related programs
Principal Duties and Responsibilities
Executes the operation, reporting and continuous improvement of the services/functions required to deliver and support infrastructure services and products to meet the needs of the business.
Partners with manager(s), solutions engineer(s), and service manager(s) on the operational aspects of associated services (Service and Incident Management) to meet or exceed committed service levels.
Supports team processes to ensure the stability and performance of Identity and Access Management services/functions. Addresses/adjusts services proactively as needed to maintain or exceed service levels to business.
For accountable services, partners with the Information Technology organizations responsible for ITIL Service Management based processes associated with Incident, Problem, Change, Availability, and Release Management.
Works as part of a team that leverages agile approaches (KANBAN) to meet business needs at an accelerated pace.
Frequently participates in and may lead complex, cross-functional projects.
Formulates specific project tasks, identifying timeframes and needed resources; accountable for plan completion.
Assists with providing daily work direction, technical leadership, and mentoring for team members.
Communicates and assigns order to high-priority incidents.
May serve as a focal point for CSI (Continual Service Improvement) initiatives.
Is a subject matter expert on the existing departmental/unit/functional processes and procedures, process inputs/outputs and dependencies specific to the role.
Negotiates effectively with business and IT partners regarding proposed timelines, recognizes potential conflicts, and facilitates conflict resolution as required.
Adapts to change, acts as a change agent, and works effectively in a dynamic environment.
Available to support an incident 24/7 as needed
Participates in Release activities, Mainframe Open Houses, and implementation support as needed.
Additional Duties:
Incident Detection and Response:
Monitor security alerts and incidents across systems and networks.
Analyze security incidents to identify potential threats and breaches.
Respond to and manage incidents to mitigate damage and restore operations.
Incident Investigation:
Conduct investigations to determine the root cause and impact of security incidents.
Collect and analyze evidence from affected systems to understand the nature of attacks.
Incident Coordination:
Collaborate with IT, legal, compliance, and other teams to manage and resolve security incidents.
Facilitate communication with stakeholders, including senior management, providing updates and reports.
Incident Documentation:
Maintain detailed records of incidents, including timelines, actions, and outcomes.
Document lessons learned and update incident response plans and procedures.
Post-Incident Analysis:
Conduct reviews to assess the effectiveness of responses and identify improvement areas.
Develop and implement recommendations to enhance the organization's security posture.
Security Monitoring and Tools Management:
Use security tools and technologies to monitor for potential threats.
Ensure tools are properly configured and updated.
Training and Awareness:
Educate employees on security best practices and incident response protocols.
Conduct training sessions and simulations to prepare for potential incidents.
Compliance and Reporting:
Ensure compliance with industry regulations and internal policies related to incident management.
Prepare and present incident reports to regulatory bodies and internal stakeholders.
Our company is built on helping individuals and families, and this starts with our employees. We want employees to maintain a positive balance, which is why we provide access to the benefits and resources they need to invest in themselves. From our onsite fitness facilities and generous paid time off to employee professional development programs, we are committed to helping employees live and work their best – both inside and outside the office.
Unum is an equal opportunity employer, considering all qualified applicants and employees for hiring, placement, and advancement, without regard to a person's race, color, religion, national origin, age, genetic information, military status, gender, sexual orientation, gender identity or expression, disability, or protected veteran status.
The base salary range for applicants for this position is listed below. Unless actual salary is indicated above in the job description, actual pay will be based on skill, geographical location and experience.
$60,500.00-$117,500.00
Additionally, Unum offers a portfolio of benefits and rewards that are competitive and comprehensive including healthcare benefits (health, vision, dental), insurance benefits (short & long-term disability), performance-based incentive plans, paid time off, and a 401(k) retirement plan with an employer match up to 5% and an additional 4.5% contribution whether you contribute to the plan or not. All benefits are subject to the terms and conditions of individual Plans.
Company:
Unum