Information Security Risk Management Consultant at Unum Group in Atlanta, GA

Our Fortune 500 company is driving a digital transformation and looking for forward-thinking innovators to disrupt how our industry thinks about and uses technology. As one of the world's leading employee benefits providers, we help millions of people gain affordable access to benefits that help them protect their families, their finances and their futures.

Are you an asker of questions, a solver of problems, and a challenger of the status quo? Our mission is to provide a differentiated customer experience and exceed the expectations people have of technology at any company — not just insurers.

We are seeking individuals to join our team of talented IT professionals who share never-ending passion and an unwavering focus on our customer experience. Team members comfortable working in an agile, fast-paced, and delivery-focused environment thrive in our environment where we value an entrepreneurial spirit and those who challenge the status-quo.

Unum is changing, and we’re excited about what’s next. Join us.

General Summary:

The Information Security Risk Management Consultant is a leading role in contributing to horizontal and enterprise business strategy development by bringing forth impacts and opportunities associated with available and emerging technologies. This position ensures alignment of technology goals and plans with corporate security strategies through involvement in operational planning with business partners and provides support for the design, implementation and ongoing maintenance of Unum’s global information security & risk management program. As a highly visible member of the global information security and risk management team, this position provides security and risk management consulting and advisory services to Unum Group and its operating segments. Additionally, this position is responsible for assisting with evaluating risk of Unum’s prospective and incumbent strategic partnerships along with supporting our sales organization by interacting with prospective and existing customers.What You’ll Do

• Functions as a subject matter expert in security analysis and design across the enterprise.

• Shares security knowledge and expertise in multiple cross-organizational enterprise forums. Sphere of influence extends across the enterprise, including prospective and existing customers, 3rd party partners, and senior level managers.

• Takes a lead role in independently and proactively proposing security solutions that address business needs across the enterprise.

• Uses business knowledge to assist with and facilitate all aspects of responding to customer information security inquiries (including working directly with customers); requests proposals for new/renewal business, participates in finalist meetings and supports customer contract language reviews.

• Conducts comprehensive security risk assessments on 3rd party strategic partners as part of the Enterprise 3rd Party Risk management program and supports 3rd party contract language reviews.

• Assists in consulting, establishing, and updating the information security policies, procedures and standards.

• Supports cross-organizational IT and business functions with technical choices for a variety of large, strategic efforts by applying knowledge of Unum’s security framework and technical environment.

• Acts as the security lead monitoring IT and other regulatory requirements as necessary.

• Mentors IT professionals on various information security and IT controls requirements.

• Develops strong partnerships with client management, business clients, application developers, software vendors, and other technical resources which include, but are not limited to: legal, compliance and privacy.

• Maintains close relationships with the business to understand strategy, processes, plans, and needs to help influence planning by advising on best practices, innovation and technology enablement opportunities.

What We’re Looking For

• Bachelors or advanced degree in computer science, or related discipline

• Has 5+ years of information security, risk management, privacy, or audit experience

• Has knowledge of privacy and IT regulations such as HIPAA, GLBA and SOX

• Demonstrates knowledge of information security software, products and technologies

• Has knowledge of industry security standards and IT general control standards including NIST, CoBIT, ITIL, and ISO27002

• Demonstrates knowledge of industry standards and best practices associated with risk management methodologies such as ISACA’s IT Risk Management Framework

• Has a solid foundation in mainframe & distributed technology

• Able to take an enterprise view (see the big picture)

• Highly proficient in exercising leadership behaviors repeatedly in a variety of challenging situations that are complex, ambiguous, and have conflict

• Able to interact at all levels within the organization, including senior management

• Has strong oral and written communications and good presentation skills

• Has strong analytical stills

• Demonstrates customer service orientation & skills

• Able to take initiative, given general direction

• Has strong consulting skills

• CISSP and/or other related certifications (e.g., CIA, CISA, CISM, CRISC, CCSP) are strongly desired