Vice President, Deputy Chief Information Security Officer

Job Posting End Date : May 31

Our Fortune 500 company is driving a digital transformation and looking for forward-thinking innovators to disrupt how our industry thinks about and uses technology.

As one of the world's leading employee benefits providers, we help millions of people gain affordable access to benefits that help them protect their families, their finances and their futures.

Are you an asker of questions, a solver of problems, and a challenger of the status quo? Our mission is to provide a differentiated customer experience and exceed the expectations people have of technology at any company not just insurers.

We are seeking individuals to join our team of talented IT professionals who share never-ending passion and an unwavering focus on our customer experience.

Team members comfortable working in an agile, fast-paced, and delivery-focused environment thrive in our environment where we value an entrepreneurial spirit and those who challenge the status-quo.

Unum is changing, and we’re excited about what’s next. Join us.

General Summary :

The Vice President of Information Security is responsible for designing and executing a cybersecurity technology strategy.

The VP position requires a demonstrated leader with extensive experience in cybersecurity technology and business management and apply that knowledge to ensure Unum is at the leading edge of cybersecurity in the insurance industry.

The VP will collaboratively work with the CISO and IT to meaningfully translate the strategy to executive and senior leadership.

The VP oversees management of several ongoing activities related to the availability, integrity and confidentiality of customers, business partners, employees, and business information, in compliance with the organization's information security policies.

A key element of the VP’s role is working with the CISO, CTO, and Senior leadership to maintain security technology architecture, strategy and operations in a state that efficiently maximizes cyber threat response and cyber risk reduction.

Principal Duties and Responsibilities

• Support the development, implementation and monitoring of a strategic, comprehensive enterprise information security and risk management technology strategy to ensure the integrity, confidentiality and availability of information owned, controlled, or processed by the organization.
• Lead multiple security technology teams in GIS (Security Operations, Engineering, Architecture, Threat Management, Attack Surface Management and Vulnerability Management) in support of a coordinated strategy to identify, protect from, detect, and respond to security events.
• Act as general management leader of the GIS department, capable of filling in for the CISO as needed, which requires general experience and knowledge of information security regulation, compliance, governance, IAM, incident response, metrics and executive reporting.
• Develop, communicate, and ensure compliance with organizational security policies and technical security standards.
• Work directly with the CTO Office to facilitate IT threat response and risk management controls, identify acceptable levels of risk, and establish roles and responsibilities with regard to information protection.
• Liaise with key partners across the enterprise to ensure alignment of security strategy, policy, and procedures.
• Work with the CISO to ensure that security programs are in compliance with applicable US and International laws, regulations, and policies to minimize or eliminate risk and audit findings.
• Facilitate and execute the cyber defense operations of the organization, including reporting and oversight of security control effectiveness.
• Partner with the Head of Information Security Incident Response and with Crisis Management and Operational Resiliency in the management of security incidents and events to protect corporate IT assets, including intellectual property, fixed assets, and the company's reputation.
• Oversee the development of effective disaster recovery policies and standards; coordinate the development of implementation plans and procedures to ensure that business-critical services are recovered in the event of a declared disaster and provide direction and in-house consulting in these areas.
• Consult with Senior Management and the CISO on the information security strategy, direction and key areas of concern and support similar consultations with the Board.
• Continually monitor security trends and industry best practices.
• May perform other duties as assigned.

Job Specifications

• Minimum of 15+ years’ experience in a combination of information security and IT jobs.
• Well connected and informed about the security vendor / partner space as well as the security practitioner community. Well informed on what the leading products and services in information security are, how they work and how they are integrated into a large organization.
• Strong understanding of cloud technology and security, application security including CI / CD and devsecops, threat intel management and zero trust methodologies
• Demonstrate an eagerness to innovate in cybersecurity in disciplines such as AI / ML
• Excellent written and verbal communication skills; interpersonal and collaborative skills; and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.
• Must be a critical thinker with strong analytical and problem-solving skills.
• Expert knowledge in technological trends and developments in the area of information security and risk management.
• Strong project and resource management skills.
• Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals, especially the ability to formulate and execute an enterprise technology strategy.
• Degree in business administration or a technology-related field, or equivalent work- or education-related experience.
• Professional certification, such as a CISSP, CISM, CISA or other information security credentials, is preferred.
• Knowledge of security and control frameworks, such as ISO 17799, CobiT, COSO and ITIL.
• Experience with contract and vendor negotiations.
• High level of personal integrity, and the ability to professionally handle confidential matters and demonstrate the appropriate level of judgment.

LI-RA1

Our company is built on helping individuals and families, and this starts with our employees. We want employees to maintain a positive balance, which is why we provide access to the benefits and resources they need to invest in themselves.

From our onsite fitness facilities and generous paid time off to employee professional development programs, we are committed to helping employees live and work their best both inside and outside the office.

Unum is an equal opportunity employer, considering all qualified applicants and employees for hiring, placement, and advancement, without regard to a person's race, color, religion, national origin, age, genetic information, military status, gender, sexual orientation, gender identity or expression, disability, or protected veteran status.

The base salary range for applicants for this position is listed below. Unless actual salary is indicated above in the job description, actual pay will be based on skill, geographical location and experience.

$202,200.00-$395,300.00

Additionally, Unum offers a portfolio of benefits and rewards that are competitive and comprehensive including healthcare benefits (health, vision, dental), insurance benefits (short & long-term disability), performance-based incentive plans, paid time off, and a 401(k) retirement plan with an employer match up to 5% and an additional 4.

5% contribution whether you contribute to the plan or not. All benefits are subject to the terms and conditions of individual Plans.

Company : Unum

Unum