Head of IT Information Security

at Global Atlantic Financial Group
Des Moines, Iowa, United States

Currently, we are conducting interviews mostly over video. After Labor Day, we will be in the office Monday, Tuesday and Thursday. If you have any questions regarding this policy, please reach out to recruiting@gafg.com.

COMPANY OVERVIEW

Global Atlantic Financial Group is a leader in the U.S. life insurance and annuity industry, serving the needs of individuals and institutions. With differentiated investment and risk management capabilities, deep client relationships, and a strong financial foundation, the company has established a track record of delivering proven, value-added solutions and long-term growth. Global Atlantic is a majority-owned subsidiary of KKR, a leading global investment firm that offers asset management and capital markets solutions across multiple strategies.

Global Atlantic is looking for a diverse team of talented individuals who reinforce our culture of collaboration and innovation. We are dedicated to the career development of our people because we know they are critical to our long-term success. Join our team and come grow with us. 

Job Description

The Head of IT Information Security is responsible for guiding and assisting the Information Technology Team in protecting data assets while enabling the business. This role is key to ensuring our security footprint is accurately architected, designed, and configured, with alerting and reporting in place, along with assisting with, and in many cases leading, security design decisions and approvals. Additionally, the role includes reviewing security access requests, assessing vulnerability management reports, assisting with incident management, partnering with senior management and the CISO to ensure compliance with information security policies and documented controls, standards, and procedures, and enhancing the overall security footprint through the management and implementation of a comprehensive IT Information Security program.

Key duties / Essential Functions

  • Evolution, implementation, and ongoing management of a comprehensive IT information security program.
  • Ensure security standards and best practices are realized in the design and implementation of the company’s technology platforms.
  • Partner with the CISO and the Information Security Team (RISK) to identify, communicate, and address emerging threats based on risk.
  • Responsible for working with senior professionals in building and maturing information security within the IT organization.
  • Partner effectively with peers to architect secure storage and transmission of company data both within and outside the company’s systems.
  • Develop and document IT security architecture vision and strategy to support key business processes and requirements.
  • Creates solutions that balance business requirements with information and cyber security requirements.
  • Recommend security solutions that fulfill existing security policy and procedures, and architect and assist with their implementation.
  • Recommend security tools and services that help secure the data footprint, including network detection and response (NDR), antivirus (AV), threat visibility tools, certificate authorities, web content management, security information and event management (SIEM), vulnerability assessment tools, and related items.
  • Recommend and assist with implementation of cloud and Microsoft security controls.
  • Partner with the CISO, managed service providers, and internal team(s) to enhance current security posture and ensure appropriate integration into Security Operations (SecOps) function.
  • Make recommendations to ensure web and content management systems are effectively configured to securely manage web traffic.
  • Identify security design gaps in existing and proposed architectures and recommend changes or enhancements.
  • Align standards, frameworks and security with overall business and technology strategy.
  • Researches and analyzes threats and their behavior, recommends remediation plans, and assists with execution where applicable.
  • Assist IT Senior Management and CISO with creation/maintenance of security policy and procedures.
  • Employ effective communications when assisting with security architecture, design, and/or incident management efforts.
  • Assists team with various annual security compliance audits, including providing detailed reporting and evidence for various controls.
  • Ensure technology teams are aware of security requirements, have knowledge of the threat landscape, and are applying a risk-based approach to the design, implementation and continued maintenance of IT solutions.

Skills and competencies

Ten or more years’ experience in:

  • Prior experience as Information Security Leader or CISO highly preferable.
  • Working experience with the NIST Cybersecurity Framework (800-53, 800-171) or ISO 27001.
  • Security architecture, solution delivery, security principles, and emerging technologies.
  • Understanding of network and security architecture best practices.
  • Designing and implementing security solutions.
  • Writing security or related IT policies and procedures.
  • Consulting and engineering in the development and design of security best practices and implementation of solid security principles across the organization, to meet business goals along with customer and regulatory requirements.
  • Security architecture design including Firewalls, routers, switching, Wi-Fi, and security appliances and services (IPS/IDS, AV, threat visibility tools, certificate authorities, web content management, SIEM, vulnerability assessment tools, and related items)
  • Performing risk assessments leading to formulating and mapping information security policy and standards to ensure compliance with regulatory and legislative requirements (PCI, SOX, MAR).
  • AWS and Azure cloud service offerings and related security controls.
  • Recommending security considerations for cloud computing: data breaches, broken authentication, hacking, account hijacking, malicious insiders, third parties, APTs, data loss and DoS attacks.
  • Active Directory design and related security controls, and Identity and access management (IAM).
  • TCP/IP network communications and network packet analysis with anomaly detection.
  • Implementing standard procedures for incident response while interfacing with management.
  • SIEM tools including purpose, correlation rule design, and related monitoring and reporting best practices.
  • Triaging security related incidents and understanding how to utilize incident response plans.
  • Evaluating security tools and making recommendations based on 3rd party and internal lab reviews.
  • Working with IT auditors and providing evidence for related controls.
  • Advanced Persistent Threat groups (Tactics, Techniques, and Procedures/Indicators of Compromise).
  • Reviewing infrastructure designs, finding security gaps, and making recommendations to ensure a secure implementation, in both business and ICS network environments.

Experience with and knowledge of:

  • National Institute of Standards and Technology (NIST) standards.
  • ISO27001 specifications for framework of policies and procedures.
  • Control Objectives for Information and Related Technologies (COBIT) a plus.
  • IT Infrastructure Library (ITIL) certification a plus.
  • Windows and UNIX experience.
  • Familiarity with privacy and security regulatory standards and requirements.

General skills include:

  • Exceptional communication skills with diverse audiences
  • Strong critical thinking and analytical skills
  • Strong leadership, project, and team-building skills to drive projects and initiatives in multiple departments.
  • Demonstrated ability to identify risks associated with business processes, operations, information security programs and technology projects.
  • The ability to be the IT security subject matter expert who can explain technical topics to those without a technical background.

License or Certification (one or more):

  • Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Information Systems Security Architecture Professional (ISSAP), Information Systems Security Engineering Professional (ISSEP), CCNA, CCNP, MCSE

Education:

  • Bachelor’s degree in computer science, information security, engineering, or related field required.

TOTAL REWARDS STATEMENT  

Global Atlantic’s total rewards package is reflective of our corporate values, particularly diversity, excellence and innovation, with a focus on inclusion, pay equity, and flexibility. We are proud to support your personal and professional growth and well-being through programs such as educational assistance, virtual physical therapy, remote/onsite fitness reimbursement, a medical second opinion program, pet insurance, military leave, parental leave, adoption assistance, fertility and family planning coverage. We strive to foster a culture of total well-being through community outreach and charitable giving programs.

We are active in our communities:

  • New York: Red Hook Conservancy, Girls Who Invest and The Bowery Mission
  • Boston: Cradles to Crayons, Project Bread, Let’s Get Ready, Rise Against Hunger, Salvation Army and many other local volunteer organizations in and around the Boston area
  • Hartford: Habitat for Humanity, Foodshare, Humane Society, Hands on Hartford, Mercy Shelter and Dog Star Rescue
  • Indianapolis: Elevate Indianapolis, Gleaners Food Bank and the Juvenile Diabetes Research Foundation
  • Batesville: American Cancer Society Relay for Life, Angels of Giving, Margaret Mary Health Foundation, Ripley County Community Foundation, Safe Passage, Batesville High School Sponsorships, local area youth sports and food pantries, as well as many others
  • Des Moines: United Way, Central Iowa Shelter & Services, Junior Achievement of Central Iowa and Make a Wish Foundation
  • Berwyn: Food drive and will be planning an event to help a local family over the holidays
  • Atlanta: Packaged Good Organization, which helps the most vulnerable community members with providing personalized care packages for people in need including the elderly, our armed forces, the homeless and hospitalized kids
  • Bermuda: Sponsor of a weekly feeding program operated by The Hamilton Seventh-Day Adventist Church

Social platforms provide an environment to collaborate with others and participate in friendly competitions towards achieving physical, emotional and financial well-being. Our highly competitive health, retirement, life and disability plans can be tailored to best suit your needs and those of your whole family.

Global Atlantic is committed to creating an inclusive environment where everyone can meaningfully contribute to our success. We are proud to be an equal opportunity employer and we do not discriminate in employment on any basis that is prohibited by federal, state or local laws.  More than that, we strive to be inclusive of all backgrounds and experiences, which we feel gives us a competitive advantage in the market and within our firm.  All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, disability, age, or veteran status. 
