Security Engineer

Unum   •  

Portland, ME

Industry: Technology


5 - 7 years

Posted 177 days ago

This job is no longer available.

General Summary:

This position contributes to strategic decisions at the corporate level and is involved in Security Architecture planning with business and GS partners. The Security Engineer is sought out to address moderate and complex business and technical security problems and work assigned requires general guidance and direction. The Security Engineer considers broad expertise across Information Security disciplines.

Assist in the creation and operation of an information security depth in defense capabilities framework that defines the technology, policies, procedures and processes needed to address the security needs of Unum and its partners. The information security depth in defense framework will provide security services to and complement the information technology architecture and integrate with each business’ architecture. This framework will provide for the secure operation of applications, computing platforms, operating systems, and networks, both voice and data, to ensure the integrity of information assets.

Assist in the creation and execution of enterprise attestation programs, maintaining a strong relationship and partnership with internal and external audit partners. Responsible for solutions to provide Unum internaland external customers Identity and Access Management capabilities including privileged account management across all platforms, access provisioning processes for the enterprise, and secure authentication protocols.

Principal Duties and Responsibilities

  • Performing cyber security monitoring and security incident response, including:
  • Monitors for external threats and indicators of compromise
  • Responds to and leads incident response for threat alerts
  • Monitors for inappropriate utilization of computer resources
  • Assesses reported security threats and weaknesses.
  • Provides level II support for Operations
  • Participates in 24/7 on-call rotation.
  • Participates in ethical hacking red team/blue team exercises.
  • Performs day-to-day operations and technical support, including system upgrades, on the Unum security technology portfolio.
  • Consults on the security framework to IT/Business project teams, and in day-to-day business operations. 
  • Consults with development and business partners on integration and security configuration for new or existing software or solutions
  • Participates in the evaluation of vendor's product strategies, technology roadmaps and software enhancements, and consults on the inclusion and rollout these recommendations in the corporate security roadmap.
  • Develops and consults on sound security policies and procedures.
  • Assists with application and network security assessments, as assigned.
  • Maintains expertise to function as subject matter expert in one or more security disciplines.
  • Develops strong partnerships with business clients, application developers, software vendors and other technical resources.
  • Performs other duties as assigned.

Job Specifications

  • Experience on ForgeRock OpenAM and/or other Web Access Management systems (like CA SiteMinder…)
  • Experience on SSO (Single-Sign-On) technologies including SAML and federation of identities (IdP initiated and SP initiated)
  • Experience on ForgeRock OpenIDM and/or other Identity management systems
  • Knowledge of ForgeRock APIs
  • Knowledge of Cloud based technologies
  • Experience on SSO with cloud based applications
  • BS or advanced degree in computer science or related discipline preferred or comparable work experience.
  • Five or more years of information technology engineering, support or consulting experience, two of those years spent in networking, application development, system security or IT Audit related positions.
  • Demonstrated ability and success in:
  • Working effectively in an ambiguous environment, functioning independently, and effectively working across geographical locations.
  • Detecting and analyzing hostile and other improper actions in such an environment.
  • Investigating and responding to security alerts, or new security threats with a sense of urgency.
  • Strong oral and written communications skills
  • Strong analytical and problem-solving skills and proactive thinking skills
  • Strong Knowledge of (at least one) UNIX, Windows, Mainframe, and/or Apple Operating System vulnerabilities and secure configuration settings
  • Strong Knowledge of threats and vulnerabilities associated with application and network security.
  • Strong Knowledge of the principles of implementation and operation and experience with security technology such as firewalls, multi-level security implementation, security assessment, monitoring and profiles tools (e.g. IDS/IPS, SEIM, AV, Qualys, etc.), and password crackers.
  • Mentor and support junior level security staff
  • Develops strong partnerships with client management, business clients, application developers, software vendors and other technical resources which includes, but not limited to, legal, compliance, and privacy
  • Maintain close relationships with the business to understand strategy, processes, plans and needs to help influence planning by advising on best practices, innovation/technology enablement opportunities
  • Communicates effectively with business partners, customers, brokers, third party suppliers/partners, and systems resources at all levels.
  • Delivers effective, high-quality solutions in a timely manner while balancing shifting priorities and, at times, accelerated timelines.
  • Facilitate matching business needs and services options by leveraging knowledge of business strategy, processes, and market offerings to assist in evaluating the most appropriate products and services to meet its requirements
  • Provide an overall perspective, or point of clarification to partner on operational aspects of a service.  Has a good overall understanding of infrastructure and application portfolios to provide guidance to service partner provider. 
  • Excellent working knowledge of one or more of the following security areas desired:
  • Operating System Security (Windows, Apple, AIX, Linux, zOS)
  • Internet Technologies (NNTP, Proxy, HTTP, HTTPS, HTLM, SSL, X.509)
  • TCP/IP and networking (LAN/WAN/Wireless)
  • Intrusion Detection and Prevention products
  • Incident Response Management
  • Public Key Infrastructure technologies including encryption, Kerberos, certification authorities
  • Application and Network Security Assessments methodologies and tools
  • General Access Control Security (Active Directory, Linux, and Mainframe security)
  • IPSEC and remote access technologies
  • End Point Security products (i.e. Anti-virus, Malware, Hard Drive encryption)
  • Ethical Hacking, Incident Response and case management.

Preferred/Desired Skills:

  • Ability to develop, consult and lead proactive security programs and projects
  • Focus on continuous improvement
  • Experience working in a global security operations role
  • Experience in implementing and operating security technology such as firewalls, multi-level security implementation, security assessment scanners, and security monitoring tools (e.g. IDS/IPS, SEIM, AV, Qualys, etc.)
  • Experience in implementing and supporting global Identity and Access Management solutions (Identity Management, Access Management, Virtual Directory, SSO)
  • Experience in application and network security assessment methodologies, tools, and techniques
  • Experience in implementing and operating global end-point security products (anti-virus, anti-malware, hard drive encryption, DLP, etc.)
  • Security Coding Standards (e.g. OWASP) and Secure Software Development Lifecycles, SOX and HIPPA compliance requirements and related programs
  • ISO 27001/27002 and the NIST Cyber Security Framework
  • Ability to partner with the Global Services organizations responsible for ITIL Service Management based processes associated with Incident, Problem, Change, Availability, and Release Management.
  • Incident Response Management and Computer Forensics a plus
  • CISSP, SANS, and other security related certifications a plus
  • Familiarity with encryption techniques include key management