Senior Information Security Engineer - IntelliScript (Remote)
About The Position
As a Senior Information Security Engineer on the Information Security team at Milliman IntelliScript, you’ll play a key role in helping us continuously improve our security programs to ensure the safety of our technology, processes and data. This role will encompass tactical and strategic work of putting forward-looking initiatives in place as well as responding to external threats on an ongoing basis, which is a great opportunity for impact across all IntelliScript. We’re also modernizing and scaling quickly and are excited to bring someone onboard who can help us proactively tackle challenges – both in the day-to-day operations and anticipated future ones. As a member of the Information Security team, you will collaborate with members of the Platform Engineering and Software Development teams to plan and implement various security initiatives. The team will look to you for your strategic expertise, reliable execution, and sound judgment to improve and maintain our security infrastructure, along with creating and improving processes for maintaining a secure product and environment. You will be joining a team that is passionate about technology and helping pave the way for building great products together.
Requirements
- 5+ years of relevant experience with 3+ years deep, hands-on AWS experience
- Strong Okta experience: SSO/SAML/OIDC setup, adaptive MFA, app sign-on policies, SCIM, custom auth server and claims, CIAM policies and use cases
- Expert-level AWS IAM: role/permission boundary design, resource policies, cross-account patterns, session management etc.
- Strong API security: OAuth2/OIDC, JWTs; token lifecycles and scopes, experience with API Gateway, schema validation, abuse detection, rate limiting, mTLS
- Proficiency with Terraform and Git-based CI/CD; able to implement policy-as-code and pre-merge guardrails
- Cloud security monitoring/detections: CloudTrail, Config, GuardDuty, CloudWatch etc.
- Scripting/Automation in at least one modern language/framework
- Solid data protection and secrets management using AWS KMS and Secrets Manager; practical cryptography for engineering use
- Has a thorough understanding of the field and seeks to enhance technical expertise by staying up to date with industry trends, best practices, and emerging technologies
- Leads problem solving resolution initiatives, integrates cross-functional perspectives, and ensures sustainable outcomes
- Communicates complex information clearly and produces comprehensive documentation with minimal supervision
- Drives projects and tasks forward, making informed decisions and taking responsibility for outcomes
- Collaborates effectively with team members to overcome obstacles, meet deadlines, and achieve shared objectives
- Proactively identifies advanced learning opportunities, mentors peers, and continuously updates skills to maintain industry relevance
- Leads organizational risk management initiatives, designs advanced risk mitigation and contingency plans
- Proactively addresses issues within the team, facilitating open communication
- Takes on additional responsibilities or roles within the team, demonstrating accountability and a commitment to shared objectives
Nice To Haves
- Continued education and/or advanced degree(s)
- Experience in environments subject to HITRUST, HIPAA and/or PCI regulations
- Experience in software-as-a-service, actuarial science, and/or insurance underwriting industry
- Incident Management experience for identity and APIs
- Bot management and advanced WAF tuning
Responsibilities
- Improve, monitor and maintain our Information Security Program
- Execute security initiatives related to infrastructure, product and data
- Contribute to the strategic planning of security work, make strategic recommendations and improvements to our security
- Work with application and cloud engineers to improve the security of various product features
- Design and implement security controls and measures to protect our application and data
- Monitor and analyze security events and incidents and respond promptly to security breaches
- Collaborate with development teams to integrate security best practices throughout the software development lifecycle
- Quickly and proactively respond to incoming security threats
- Continually assess, address and report on the levels of threat and preparedness
- Assist in maintaining compliance with industry standards relevant to our organization
Benefits
- Medical, Dental and Vision – Coverage for employees, dependents, and domestic partners.
- Employee Assistance Program (EAP) – Confidential support for personal and work-related challenges.
- 401(k) Plan – Includes a company matching program and profit-sharing contributions.
- Discretionary Bonus Program – Recognizing employee contributions.
- Flexible Spending Accounts (FSA) – Pre-tax savings for dependent care, transportation, and eligible medical expenses.
- Paid Time Off (PTO) – Begins accruing on the first day of work. Full-time employees accrue 15 days per year, and employees working less than full-time accrue PTO on a prorated basis.
- Holidays – A minimum of 10 paid holidays per year.
- Family Building Benefits – Includes adoption and fertility assistance.
- Paid Parental Leave – Up to 12 weeks of paid leave for employees who meet eligibility criteria.
- Life Insurance & AD&D – 100% of premiums covered by Milliman.
- Short-Term and Long-Term Disability – Fully paid by Milliman.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
Number of Employees
501-1,000 employees
