Kemper Corporation

Identity Security Posture Management (ISPM) Specialist

Kemper Corporation$89K — $148K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree or equivalent in Information Cyber Security, Risk Management or Governance Risk and Compliance
  • 7+ years in third-party cyber and data risk management
  • Expert knowledge of cyber and data security disciplines
  • 5+ years in identity security and IAM/IGA
  • Familiarity with platforms like Azure AD, SailPoint, and CyberArk
  • Strong analytical skills with problem-solving capabilities
  • Excellent verbal and written communication skills

Responsibilities

  • Monitor identity exposure and security posture continuously
  • Manage and enhance the Identity Security Posture Management (ISPM) capability
  • Identify and track identity security issues like excessive privileges and dormant accounts
  • Enforce SLA-based remediation for critical findings in Identity Exposure Register
  • Coordinate remediation efforts with system owners regarding access control
  • Produce audit-ready reporting for compliance needs
  • Build ISPM dashboards and present trends to stakeholders

Benefits

  • Medical, Dental, and Vision coverage
  • Paid Time Off (PTO)
  • 401(k) plan
  • Annual discretionary bonus
  • Equity participation
Full Job Description
Location(s)
Dallas, Texas, Jacksonville, Florida, P&C-Butterfield Road-Downers Grove-IL-AAC

Details

Manages and matures our identity security posture-executes continuously monitoring and remediating identity risk and access exposure across IAM/IGA/PAM-reducing breach likelihood and audit/compliance risk. The Identity Security Posture Management (ISPM) Specialist is responsible for improving the organization's identity security posture by continuously identifying, prioritizing, and driving remediation of identity-related exposures across the enterprise. This role partners with Account Operations, IGA, PAM, Cybersecurity Operations, IT infrastructure, and application owners to reduce identity attack paths, strengthen privileged access controls, and produce measurable risk reduction aligned to regulatory and audit expectations

Responsibilities:
  • Identity posture monitoring & exposure management
  • Operate and mature the Identity Security Posture Management capability (ISPM) to discover identity exposures across Identity Providers (e.g., Entra ID/AD), SaaS applications, cloud environments, and critical business systems.
  • Identify and track identity security issues such as excessive privileges, dormant accounts, misconfigured admin roles, weak authentication enforcement, privilege escalation paths, and risky third-party access.
  • Maintain an Identity Exposure Register with severity, business impact, owner, remediation plan, and due dates; enforce SLA-based remediation for critical findings.
  • Risk prioritization & remediation orchestration
  • Triage and prioritize findings using risk-based methods (e.g., likelihood/impact, exploitability, business criticality).
  • Coordinate remediation with system owners: role redesign, least privilege enforcement, MFA coverage improvements, privileged role controls, conditional access, and entitlement clean-up.
  • Drive reduction of inappropriate combinations and segmentation-of-duties issues where relevant.
  • Controls, audit, and compliance enablement
  • Provide evidence to support identity-related controls (e.g., privileged access governance, MFA enforcement, access review/UAR posture, joiner-mover-leaver quality, service account governance).
  • Produce audit-ready reporting and artifacts for internal audit and external auditors (SOX/ITGC/GITC reliance, regulator exams).
  • Ensure posture findings are connected to policy/standard requirements and tracked through governance workflows.
  • Telemetry, metrics, and executive reporting
  • Build and maintain ISPM dashboards and KRIs (e.g., privileged role sprawl, stale privileged accounts, MFA coverage, high-risk entitlements, remediation cycle time).
  • Present posture trends and remediation progress to Identity Security & Governance leadership and stakeholders (CISO org, IT, app owners).
  • Integration & automation
  • Partner with engineering teams to integrate ISPM insights with ticketing/workflow tools (e.g., Axonius, ServiceNow/Jira), SIEM/SOAR, IGA (e.g., SailPoint), and PAM (e.g., CyberArk).
  • Automate repeatable posture checks where possible (APIs, scripts, scheduled reports), and document repeatable playbooks/runbooks.
  • Collaboration & stakeholder enablement
  • Act as a trusted advisor to application and infrastructure teams on identity security best practices (least privilege, role design, privileged access, authentication hardening).
  • Contribute to identity governance operating procedures, playbooks, and standard updates.


Job Requirements
  • Bachelor's degree or an equivalent mix of education and experience in Information Cyber Security, Risk Management and Governance Risk and Compliance.
  • 7+ years of relevant experience in third-party cyber and data risk management and conducting third-party cyber and data risk assessments.
  • Experience with reviewing and negotiating cyber and data security contract language.
  • Expert knowledge of cyber and data security and risk disciplines and practices.
  • Advanced knowledge of technology controls, security, and risk issues.
  • Strong eye for detail and ability to successfully manage and conduct third-party cyber and data assessments, gather evidence, and coordinate risk remediation responses.
  • A team player with strong collaboration skills and the ability to work with minimal supervision.
  • Ability to leverage strong verbal, written communication skills to collaborate with cross-functional teams.
  • Strong analytical and problem-solving skills capable of managing projects that drive business objectives.
  • Demonstrated ability to participate in complex, comprehensive or large projects and initiatives.
  • Ability to serve as a lead expert resource in technology controls and information security for project teams, the business, organization, and outside vendors.
  • 5+ years in identity security, IAM/IGA, security operations, or security risk management with hands-on exposure to identity platforms.
  • Working knowledge of identity concepts: authentication, authorization, RBAC/ABAC, privileged access, service accounts, identity lifecycle, entitlement models, and access reviews.
  • Experience interpreting identity-related findings and coordinating remediation with technical and business stakeholders.
  • Familiarity with at least two of the following areas: Entra ID/Azure AD, Active Directory, SailPoint (or equivalent IGA), CyberArk (or equivalent PAM), AWS/Azure identity constructs, common SaaS admin models.
  • Strong documentation and reporting skills (evidence packs, dashboards, executive-ready summaries).

Preferred Qualifications

  • Experience with ISPM/identity exposure tooling (identity threat detection, entitlement risk, posture management, attack path analysis).
  • Experience in regulated industries (insurance, financial services, healthcare) and audit support (SOX/ITGC, NYDFS, GLBA).Practical automation skills (PowerShell, Python, KQL, APIs) to streamline posture checks and reporting.
  • Certifications (nice to have): Security+, SSCP, CISSP (or associate), GIAC IAM-related, Microsoft/AWS security certifications.


Key Competencies
  • Risk-based prioritization; analytical thinking; stakeholder management
  • Strong written communication; evidence discipline
  • Operational rigor (tracking, SLAs, follow-through)
  • Ability to translate technical identity findings into business risk


This position is a hybrid role that sits in either our Downers Grove, IL, Dallas, TX or Jacksonville, FL office locations

The base range for this position is $89,000 to $148,100. When determining candidate offers, we consider experience, skills, education, certifications, and geographic location among other factors. This job is eligible for an annual discretionary bonus, equity, and Kemper benefits (Medical, Dental, Vision, PTO, 401k, etc.)

#LI-AK

About Kemper Corporation

Kemper Corporation is an insurance holding company that provides property and casualty insurance, life and health insurance, and other financial products and services. The company was founded in 1990 and is headquartered in Chicago, Illinois. Kemper's property and casualty insurance products include personal and commercial auto insurance, homeowners insurance, and renters insurance. The company's life and health insurance products include individual life insurance, group life insurance, and health insurance. Kemper Corporation operates through its subsidiaries, which include Kemper Preferred, Kemper Specialty, and Kemper Life.
Learn more about Kemper Corporation
Size
10,300 employees
Market Cap
$3.2 billion
Industry
Net Income
$409.9 million
5 Year Trend
+17.4%
Revenue
$5.1 billion
NASDAQ

Similar Jobs

More Jobs at Kemper Corporation

More Information Technology Jobs

Find similar Identity Security Posture Management (ISPM) Specialist jobs: