Sr. Security Engineer (Cloud Security)

Unum Group

Portland, ME

Industry: Technology


5 - 7 years

Posted 37 days ago

General Summary:

This exciting role supports the advancement of the Identity and Access Management framework with future ready capabilities, innovative customer solutions balancing security with a modern, user friendly customer experience for a Fortune 500 multinational company.

This position contributes to strategic decisions at the corporate level and is involved in Enterprise and Infrastructure Architecture planning with business partners. The Security Engineer is sought out to address the most complex business and technical security problems and work assigned requires minimal direction with high initiative and thought leadership.

The role will assist in the creation, development and execution of enterprise access management solutions, privileged account management, attestation programs, and identity lifecycle for internal and external partners and customers. The identity and access management framework will provide for the secure operation of applications, computing platforms, operating systems, and networks, to ensure the integrity of information assets.

They assist in the creation and execution of enterprise security programs, maintaining a strong relationship and partnership with internal and external audit partners. They are responsible for providing solutions to internal and external customers Identity and Access Management capabilities including privileged account management across all platforms, access provisioning processes for the enterprise, and secure authentication protocols.

Principal Duties and Responsibilities

  • Performing cybersecurity monitoring and security incident response, including:
    • Monitors for external threats and indicators of compromise
    • Responds to and leads incident response for threat alerts
    • Monitors for inappropriate utilization of computer resources
    • Assesses reported security threats and weaknesses.
  • Provides level II support for Operations
  • Participates in 24/7 on-call rotation.
  • Participates in ethical hacking red team/blue team exercises.
  • Performs day-to-day operations and technical support, including system upgrades, on the Unum security technology portfolio.
  • Consults on the security framework to IT/Business project teams, and in day-to-day business operations.
  • Consults with development and business partners on integration and security configuration for new or existing software or solutions
  • Participates in the evaluation of vendors' product strategies, technology roadmaps and software enhancements, and consults on the inclusion and rollout of these recommendations in the corporate security roadmap.
  • Develops and consults on sound security policies and procedures.
  • Assists with application and network security assessments, as assigned.
  • Maintains expertise to function as subject matter expert in one or more security disciplines.
  • Develops strong partnerships with business clients, application developers, software vendors and other technical resources.
  • Performs other duties as assigned.

Job Specifications

  • Bachelor's or advanced degree in computer science or related discipline preferred or comparable work experience.
  • 6+ years of related work experience in information technology engineering, support or consulting experience. Preferred if two of those years were spent in networking, application development, system security or IT Audit related positions.
  • Demonstrated ability and success in:
    • Working effectively in an ambiguous environment, functioning independently, and effectively working across geographical locations.
    • Detecting and analyzing hostile and other improper actions in such an environment.
    • Investigating and responding to security alerts, or new security threats with a sense of urgency.
  • Strong oral and written communications skills
  • Strong analytical and problem-solving skills and proactive thinking skills
  • Strong Knowledge of (at least one) UNIX, Windows, Mainframe, and/or Apple Operating System vulnerabilities and secure configuration settings
  • Strong Knowledge of threats and vulnerabilities associated with application and network security.
  • Strong Knowledge of the principles of implementation and operation and experience with security technology such as firewalls, multi-level security implementation, security assessment, monitoring and profiling tools (e.g. IDS/IPS, SIEM, AV, Qualys, etc.), and password crackers.
  • Mentor and support junior level security staff
  • Develops strong partnerships with client management, business clients, application developers, software vendors and other technical resources including, but not limited to, legal, compliance, and privacy
  • Maintain close relationships with the business to understand strategy, processes, plans and needs to help influence planning by advising on best practices, innovation/technology enablement opportunities
  • Communicates effectively with business partners, customers, brokers, third party suppliers/partners, and systems resources at all levels.
  • Delivers effective, high-quality solutions in a timely manner while balancing shifting priorities and, at times, accelerated timelines.
  • Facilitate matching business needs and services options by leveraging knowledge of business strategy, processes, and market offerings to assist in evaluating the most appropriate products and services to meet its requirements
  • Provide an overall perspective or point of clarification to partner on operational aspects of a service. Has a good overall understanding of infrastructure and application portfolios to provide guidance to service partner provider.

Technical Skills for Identity & Access Management

  • Experience in implementing and supporting global Identity and Access Management solutions (Identity Management, Access Management, Virtual Directory, SSO)
  • Knowledge of and experience with Oracle OAM, ForgeRock OpenAM, SailPoint and/or other Web Access Management systems (like CA SiteMinder), and API integration
  • Experience on ForgeRock OpenIDM, Oracle OIM, Sailpoint and/or other Identity management systems
  • Experience on SSO (Single-Sign-On) technologies including Cloud, SAML and federation of identities (IdP initiated and SP initiated), multi-factor authentication
  • Experience on CyberArk, Enterprise Certificate Management and Enterprise Token Services technologies.
  • Experience with LDAP/Directory Services including Active Directory and Radiant Logic
  • Experience with RACF, DB2, SQL
  • Experience with Azure, O365 and AWS
  • Familiar with regulations, including GLBA, HIPAA, GDPR, CCPA, and other Cyber Security Regulatory compliance requirements and related programs
  • ISO 27001/27002 and the NIST Cyber Security Framework
  • CISSP, CISM, SANS, and other security related certifications a plus

Technical Skills for Cyber Security

  • Excellent working knowledge of one or more of the following security areas desired:
    • Operating System Security (Windows, Apple, AIX, Linux, zOS)
    • Internet Technologies (NNTP, Proxy, HTTP, HTTPS, HTLM, SSL, X.509)
    • TCP/IP and networking (LAN/WAN/Wireless)
    • Intrusion Detection and Prevention products
    • Incident Response Management
    • Public Key Infrastructure technologies including encryption, Kerberos, certification authorities
    • Application and Network Security Assessments methodologies and tools
    • General Access Control Security (Active Directory, Linux, and Mainframe security)
    • IPSEC and remote access technologies
    • End Point Security products (i.e. Anti-virus, Malware, Hard Drive encryption)
    • Ethical Hacking, Incident Response and case management.
    • Forensic tools such as Oxygen, EnCase, Atola Forensic equipment
  • Experience in implementing and operating security technology such as firewalls, multi-level security implementation, security assessment scanners, and security monitoring tools (e.g. IDS/IPS, SIEM, AV, Qualys, etc.)
  • Experience in application and network security assessment methodologies, tools, and techniques
  • Experience in implementing and operating global end-point security products (anti-virus, anti-malware, hard drive encryption, DLP, etc.)
  • Security Coding Standards (e.g. OWASP) and Secure Software Development Lifecycles. SOX and HIPAA compliance requirements and related programs
  • Familiar with regulations, including GLBA, HIPAA, GDPR, CCPA, and other Cyber Security Regulatory compliance requirements and related programs
  • ISO 27001/27002 and the NIST Cyber Security Framework
  • CISSP, CISM, SANS, and other security related certifications a plus