Sr Info Sec Assessment Consult
Salary Range: $55,000 - $140,000
We’ve Got You Under Our Wing
We are the duck. We develop and empower our people, cultivate relationships, give back to our community, and celebrate every success along the way. We do it all…The Aflac Way.
Aflac, a Fortune 500 company, is an industry leader in voluntary insurance products that pay cash directly to policyholders and one of America's best-known brands. Aflac has been recognized as Fortune’s 50 Best Workplaces for Diversity and as one of World’s Most Ethical Companies by Ethisphere.com.
Our business is about being there for people in need. So, ask yourself, are you the duck? If so, there’s a home, and a flourishing career for you at Aflac.
Worker Designation – This role is designated as a remote role. You will be expected to work from your home, within the continental US. Although this role is designated as remote, there may be occasions that you are requested to come to the office based on business need. Any requests to come to the office would be communicated with you in advance.
What does it take to be successful at Aflac?
- Acting with Integrity
- Communicating Effectively
- Pursuing Self-Development
- Serving Customers
- Supporting Change
- Supporting Organizational Goals
- Working with Diverse Populations
What does it take to be successful in this role?
• The ability to interface across the organization with other teams throughout Aflac such as system operations, infrastructure, security personnel, etc.
• Ability to manage supplier relationships.
• Proven ability to assess risks and controls and to identify solutions to reduce risk.
• Demonstrated initiative and commitment for results and the ability to set priorities and manage multiple initiatives.
• A working knowledge of Microsoft Office Suite.
• A solid foundation in compliance frameworks and security management standards (e.g., ISO 27001:2013, COBIT, and NIST).
• Excellent written and verbal communications skills.
• Ability to adjust to changing priorities while multitasking effectively.
• Ability to articulate security concepts to business users.
• Knowledge of security management standards.
• Experience with an IT GRC tool (i.e. ProcessUnity, Archer, etc.).
Education & Experience Required
- Bachelor's Degree In Computer Science, Information Systems, information security
- Six or more years of job related work experience
- Strong knowledge of information security policies, controls, and risk management processes
- Working knowledge of information security related laws, regulations, and industry standards (e.g., FFIEC, GLBA, HIPAA, and PCI DSS). Ability to translate these requirements into enterprise wide regulatory compliance and risk management processes in support of the Information Security program.
- Experience in Financial Services or Insurance industry
Or an equivalent combination of education and experience
Education & Experience Preferred
- Certification - Current designation and maintenance of a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or similar certifications
Less than or equal to 10%
Principal Duties & Responsibilities
• Support the TCRM program and TCRM leadership with managerial tasks (e.g., budget, metrics, etc.), as assigned.
• Identify, interpret, and communicate information security issues related to Aflac infrastructure, applications and third parties.
• Track and report on the status of issues and remediation plans as a result of the assessment output.
• Keep abreast of industry trends, emerging risks, and legal and regulatory changes, and participate in industry forums (e.g., Santa Fe Group, CISO Coalition).
• Meet with business partners and technology teams regarding the integration points with enterprise wide processes such as strategic supply/procurement management, legal, security vulnerability management, etc.
• Coordinate with business partners and technology teams to establish an assessment cadence (schedule) for Aflac infrastructure, applications, and third parties.
• Engage in partnerships with these areas to maintain an understanding of their processes and the interrelations with information security processes.
• Work with stakeholders in the third party risk management community regarding high risk information security issues associated with third parties.
• Partner with Legal, Sourcing, and Supplier Managers to evaluate and embed standard security provisions into contracts.
• Performs other related duties as required
This compensation range is specific to the job level and takes into account the wide range of factors that are considered in making compensation decisions including, but not limited to: education, experience, licensure, certifications, geographic location, and internal equity. The range has been created in good faith based on information known to Aflac at the time of the posting. Compensation decisions are dependent on the circumstances of each case. This salary range does not include any potential incentive pay or benefits, however, such information will be provided separately when appropriate. The salary range for this position is $55,000 to $140,000.
In addition to the base salary, we offer an array of benefits to meet your needs including medical, dental, and vision coverage, prescription drug coverage, health care flexible spending, dependent care flexible spending, Aflac supplemental policies (Accident, Cancer, Critical Illness and Hospital Indemnity offered at no costs to employee), 401(k) plans, annual bonuses, and an opportunity to purchase company stock. On an annual basis, you’ll also be offered 11 paid holidays, up to 20 days PTO to be used for any reason, and, if eligible, state mandated sick leave (Washington employees accrue 1 hour sick leave for every 40 hours worked) and other leaves of absence, if eligible, when needed to support your physical, financial, and emotional well-being. Aflac complies with all applicable leave laws, including, but not limited to sick and safe leave, and adoption and parental leave, in all states and localities.
Something looks off?