Security Analyst I - Incident Management (Hybrid opportunity)

Our Fortune 500 company is driving a digital transformation and looking for forward-thinking innovators to disrupt how our industry thinks about and uses technology.

As one of the world's leading employee benefits providers, we help millions of people gain affordable access to benefits that help them protect their families, their finances and their futures.

Are you an asker of questions, a solver of problems, and a challenger of the status quo? Our mission is to provide a differentiated customer experience and exceed the expectations people have of technology at any company - not just insurers.

We are seeking individuals to join our team of talented IT professionals who share never-ending passion and an unwavering focus on our customer experience.

Team members comfortable working in an agile, fast-paced, and delivery-focused environment thrive in our environment where we value an entrepreneurial spirit and those who challenge the status-quo.

Unum is changing, and we're excited about what's next. Join us.

General Summary :

Unum is seeking a skilled and proactive Security Analyst specializing in Incident Management to join our dynamic IT Security team.

In this critical role, you will be responsible for detecting, analyzing, and responding to security incidents, ensuring the integrity and resilience of our organization's information systems.

If you have a passion for cybersecurity, strong analytical abilities, and a drive for continuous improvement, we want to hear from you.

Job Specifications

• Bachelors degree, or equivalent experience
• Has 2+ years of related work experience
• GIAC Certified Incident Handler Certification (GCIH) is helpful
• Demonstrates a working knowledge of corporate, industry and professional standards, e.g. ITIL, and Agile methodology
• Demonstrates experience in :
• Microsoft environment including Wintel / Distributed Environment / Active Directory, Windows Operating Systems, Windows Server Operating Systems, Exchange / Outlook, SharePoint, SQL
• IBM Mainframe and Middleware environments including RACF, Websphere, MQ, DB2, IMS, Linux, AIX
• Identity and access management tools and processes (Oracle, iAcces, My Access, Quest / Dell)
• Has strong understanding of the following security technologies :
• RACF, TSO, TPX, JCL
• Active Directory, AD Users and Groups, Hyena, Quest / Dell Active Roles, Powershell
• Proficient in the following requirements and concepts :
• Audit and compliance requirements
• Network security concepts and high level risks
• Access review program and related SOS / SOX / SOC processes and requirements
• Self-motivated, results oriented and organized
• Demonstrates strong focus on quality delivery and delighting customers; holds self to high standards of delivery
• Demonstrates good oral and written communication skills; able to communicate effectively with systems associates at all levels
• Strong team player; able to work effectively within a team and more broadly with people from a variety of backgrounds and areas across the organization
• Able to effectively handle multiple assignments, work under minimal direction, and deal effectively with changing business priorities and conflicts
• Promotes team collaboration

Technical Skills for Incidence Management :

• Experience on SSO (Single-Sign-On) technologies including cloud, SAML and federation of identities (IdP initiated and SP initiated), multi-factor authentication
• Experience with LDAP / Directory Services including Active Directory
• Experience with RACF, DB2, SQL
• Experience with Azure, O365 and AWS
• Familiar with regulations, including, GLPA, HIPAA, GDPR, CCPA, and other cyber security regulatory compliance requirements and related programs
• ISO 27001 / 27002 the NIST Cyber Security Framework
• CISSP, CISM, SANS, and other security related certifications are a plus
• Intermediate to advance understanding of cybersecurity risk methodologies

Technical Skills for Cyber Security

• Operating System Security (Windows, Apple, AIX, Linux, zOS)
• Internet Technologies (NNTP, Proxy, HTTP, HTTPS, HTLM, SSL, X.509)
• TCP / IP and networking (LAN / WAN / Wireless)
• Intrusion detection and prevention products
• Cybersecurity Incident management
• Public key infrastructure technologies including encryption, Kerberos, certification authorities
• General access control security (Active Directory, Linux, and Mainframe security)
• End-point security products (i.e. Anti-virus, Malware, Hard Drive encryption)
• Ethical hacking, incident response and case management
• Forensic tools such as Oxygen, encase, Atola Forensic equipment
• Experience in application and network security assessment methodologies, tools, and techniques
• Familiar with regulations, including, GLPA, HIPAA, GDPR, CCPA, and other cyber security regulatory compliance requirements and related programs

Principal Duties and Responsibilities

• Executes the operation, reporting and continuous improvement of the services / functions required to deliver and support infrastructure services and products to meet the needs of the business.
• Partners with manager(s), solutions engineer(s), and service manager(s) on the operational aspects of associated services (Service and Incident Management) to meet or exceed committed service levels.
• Supports team processes to ensure the stability and performance of Identity and Access Management services / functions.

Addresses / adjusts services proactively as needed to maintain or exceed service levels to business.

• For accountable services, partners with the Information Technology organizations responsible for ITIL Service Management based processes associated with Incident, Problem, Change, Availability, and Release Management.
• Works as part of a team that leverages agile approaches (KANBAN) to meet business needs at an accelerated pace.
• Frequently participates in and may lead complex, cross-functional projects.
• Formulates specific project tasks, identifying timeframes and needed resources; accountable for plan completion.
• Assists with providing daily work direction, technical leadership, and mentoring for team members.
• Communicates and assigns order to high-priority incidents.
• May serve as a focal point for CSI (Continual Service Improvement) initiatives.
• Is a subject matter expert on the existing departmental / unit / functional processes and procedures, process inputs / outputs and dependencies specific to the role.
• Negotiates effectively with business and IT partners regarding proposed timelines, recognizes potential conflicts, and facilitates conflict resolution as required.
• Adapts to change, acts as a change agent, and works effectively in a dynamic environment.
• Available to support an incident 24 / 7 as needed
• Participates in Release activities, Mainframe Open Houses, and implementation support as needed.
• Additional Duties :

Incident Detection and Response :

• Monitor security alerts and incidents across systems and networks.
• Analyze security incidents to identify potential threats and breaches.
• Respond to and manage incidents to mitigate damage and restore operations.

Incident Investigation :

• Conduct investigations to determine the root cause and impact of security incidents.
• Collect and analyze evidence from affected systems to understand the nature of attacks.

Incident Coordination :

• Collaborate with IT, legal, compliance, and other teams to manage and resolve security incidents.
• Facilitate communication with stakeholders, including senior management, providing updates and reports.

Incident Documentation :

• Maintain detailed records of incidents, including timelines, actions, and outcomes.
• Document lessons learned and update incident response plans and procedures.

Post-Incident Analysis :

• Conduct reviews to assess the effectiveness of responses and identify improvement areas.
• Develop and implement recommendations to enhance the organization's security posture.

Security Monitoring and Tools Management :

• Use security tools and technologies to monitor for potential threats.
• Ensure tools are properly configured and updated.
• Training and Awareness :
• Educate employees on security best practices and incident response protocols.
• Conduct training sessions and simulations to prepare for potential incidents.

Compliance and Reporting :

• Ensure compliance with industry regulations and internal policies related to incident management.
• Prepare and present incident reports to regulatory bodies and internal stakeholders.

LI-AS3

LI-MULTI

LI-Hybrid

Our company is built on helping individuals and families, and this starts with our employees. We want employees to maintain a positive balance, which is why we provide access to the benefits and resources they need to invest in themselves.

From our onsite fitness facilities and generous paid time off to employee professional development programs, we are committed to helping employees live and work their best - both inside and outside the office.

Unum is an equal opportunity employer, considering all qualified applicants and employees for hiring, placement, and advancement, without regard to a person's race, color, religion, national origin, age, genetic information, military status, gender, sexual orientation, gender identity or expression, disability, or protected veteran status.

The base salary range for applicants for this position is listed below. Unless actual salary is indicated above in the job description, actual pay will be based on skill, geographical location and experience.

$60,500.00-$117,500.00

Additionally, Unum offers a portfolio of benefits and rewards that are competitive and comprehensive including healthcare benefits (health, vision, dental), insurance benefits (short & long-term disability), performance-based incentive plans, paid time off, and a 401(k) retirement plan with an employer match up to 5% and an additional 4.

5% contribution whether you contribute to the plan or not. All benefits are subject to the terms and conditions of individual Plans.

Company : Unum

Unum