Security Assurance Lead

Our Fortune 500 company is driving a digital transformation and looking for forward-thinking innovators to disrupt how our industry thinks about and uses technology. As one of the world’s leading employee benefits providers, we help millions of people gain affordable access to benefits that help them protect their families, their finances and their futures.

Are you an asker of questions, a solver of problems, and a challenger of the status quo? Our mission is to provide a differentiated customer experience and exceed the expectations people have of technology at any company — not just insurers.

We are seeking individuals to join our team of talented IT professionals who share never-ending passion and an unwavering focus on our customer experience. Team members comfortable working in an agile, fast-paced, and delivery-focused environment thrive in our environment where we value an entrepreneurial spirit and those who challenge the status-quo.

Unum is changing, and we’re excited about what’s next. Join us.

General Summary:

Unum is hiring a Security Assurance Lead within the Global Information Security division. This person will be a key contributor in the execution of Unum’s recently created Security Assurance program. The Security Assurance Lead will coordinate with business and IT teams to assist with the implementation and ongoing execution of the Security Assurance program by utilizing your knowledge of controls, people, process, and technology as it relates to information security.

Technical Skills for Security Assurance

  • 5+ years’ experience working in a highly regulated corporate risk environment.
  • 5+ years’ experience working with controls, control frameworks, and regulations such as NIST, FFIEC, PCI, HIPAA, and NAIC among others.
  • 3+ years’ experience assessing and analyzing the operations, processes, and procedures of various business units as it relates to security controls.
  • Bachelor’s degree in cyber security or related field, or relevant technical experience.
  • CISSP, CISM, CISA, SANS, and other related certifications or advanced degrees are a plus.
  • Experience applying and mapping common controls frameworks to enterprise control libraries, business processes, systems, and applications.
  • Experience developing and maintaining a security control library based on common security control frameworks.
  • Possess strong interpersonal skills and the ability to work directly with security control owners, especially those that are outside of the direct security organizational structure.
  • Experience with self-testing, audit results, incident review, regulatory alignment, and management observation and insights as it relates to security controls.
  • Familiarity with fully automated controls, control testing automation, Compliance-as-Code (CaC), Infrastructure-as-Code (IaC), and DevSecOps.
  • Proficient in methods and techniques for running effective meetings and for understanding and influencing the roles played by participants.
  • Demonstrates the ability to champion change and support teams through change.
  • Demonstrates the ability to think critically, challenge conventional thinking and generate and apply unique business insight to create competitive advantage for the organization.

Principal Duties and Responsibilities

  • Identify and work with control owners to ensure that security controls are comprehensive in nature, applied consistently, and global in scope.
  • Assist in the identification of controls, control owners, and processes within the organization as it relates to Unum’s security program.
  • Align controls with relevant regulatory and compliance frameworks to determine gaps and areas of improvement.
  • Assist in the mapping of controls to the individual processes within the organization.
  • Assist in the automation of controls or control testing to ensure that security has minimal ongoing impact on delivery teams and business objectives.
  • Consult with business units regularly to ensure that planned changes in their processes or in the security program itself do not adversely affect control effectiveness.
  • Support other areas of the Global Information Security program as necessary to ensure that program objectives are met





Our company is built on helping individuals and families, and this starts with our employees. We want employees to maintain a positive balance, which is why we provide access to the benefits and resources they need to invest in themselves. From our onsite fitness facilities and generous paid time off to employee professional development programs, we are committed to helping employees live and work their best – both inside and outside the office.

Unum is an equal opportunity employer, considering all qualified applicants and employees for hiring, placement, and advancement, without regard to a person’s race, color, religion, national origin, age, genetic information, military status, gender, sexual orientation, gender identity or expression, disability, or protected veteran status.



More Information

Apply for this job

Leave your thoughts

Share this job