Unum · 1 day ago
Manager, Information Security Policy and Controls Governance
Unum is a Fortune 500 company that is driving a digital transformation in the employee benefits sector. They are seeking a Manager for Information Security Policy and Controls Governance to oversee governance, risk, and compliance capabilities, ensuring alignment between security controls and regulatory requirements.
Finance, Financial Services, Insurance
Responsibilities
Oversees and evaluates the delivery and effectiveness of the organization's policy governance, risk assessments, control attestation, and issues management capabilities, taking action to address performance or quality gaps as needed
Ensures the team maintains a well‑defined, risk‑aligned backlog of work that advances program maturity and meets regulatory, audit, and business needs
Guides team members in prioritizing assessments, policy lifecycle activities, and control-related work based on risk, business value, and regulatory timelines
Proactively removes obstacles and operational roadblocks that hinder timely completion of assessments, attestations, and governance processes
Partners with business and technology stakeholders to translate security, compliance, and risk management objectives into actionable work items
Ensures best‑practice execution, including structured assessment methodologies, clear control documentation, consistent issue tracking, adherence to policy standards, and high‑quality evidence collection
Encourages creativity and continuous improvement in maturing governance, assessment, and control processes; fosters a culture of innovation within the team
Uses operational metrics, assessment cycle data, and workflow insights to understand team performance and drive process efficiency
Partners with leadership to ensure strong talent is in place to support the organization’s governance, risk and compliance obligations
Mentors, coaches, and motivates team members to elevate their GRC expertise, business partnership skills, and overall performance
Identifies skill gaps related to risk frameworks, regulatory requirements, control design, and assessment techniques, ensuring development plans address these needs
Promotes cross‑training and shared ownership of GRC functions to reduce single‑points‑of‑failure and increase team resilience
While accountable for the team’s output, actively cultivates a self‑organizing, autonomous, and collaborative team that consistently demonstrates accountability and continuous improvement
Conducts regular 1:1s and development discussions to monitor progress, reinforce strengths, and close skill gaps
Collaborates with peers to evaluate the effectiveness of resourcing models, proposing enhancements to better support team operations
Maintains a strong understanding of emerging regulatory trends, risk frameworks (e.g., NIST CSF, HIPAA, SOC, ISO), and control expectations to inform program improvements
Reinforces disciplined prioritization by ensuring the team focuses on the highest‑value, highest‑risk activities and commitments
Designs and operates GRC processes with partner teams’ knowledge and needs in mind, ensuring risk governance activities are clear, intuitive, and easy to complete
Qualification
Required
Bachelor's degree in computer science, or relevant technical experience
Has 5+ years of experience in an IT Risk Management field, or equivalent relevant work experience
Has a security technology background with strong knowledge of relevant technical security disciplines
Exhibits courage by taking smart risks and encouraging others to do so; empowers innovative approaches by motivating others to be proactive and resourceful
Able to effectively coach, mentor, identify, and address skills needs and gaps
Proficient in methods and techniques for running effective meetings and for understanding and influencing the roles played by participants
Displays good interpersonal skills at all levels of contact and in a wide variety of situations, able to listen and influence, and to relate to customers in their own language
Demonstrates the ability to champion change and support teams through change
Demonstrates the ability to think critically, challenge conventional thinking and generate and apply unique business insight to create competitive advantage for the organization
Has solid knowledge of regulations, including GLPA, HIPAA, GDPR, CCPA, and other cyber security regulatory compliance requirements and related programs
Has in-depth knowledge of security and control frameworks such as the NIST Cyber Security Framework, NIST SP 800-53, ISO 17799/27001, CobIT, and ITIL
Preferred
CRISC, CISSP, CISM, CISA, and other security-related certifications are a plus
Benefits
Healthcare benefits (health, vision, dental)
Insurance benefits (short & long-term disability)
Performance-based incentive plans
Paid time off
401(k) retirement plan with an employer match up to 5% and an additional 4.5% contribution whether you contribute to the plan or not
Company
Unum
Since our founding in 1848, Unum has been a leader in the employee benefits business through innovation, integrity and an unwavering commitment to our customers.
H1B Sponsorship
Unum has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships
2025 (27)
2024 (23)
2023 (26)
2022 (19)
2021 (18)
2020 (7)
Funding
Current Stage: Public Company
Total Funding: $700M
2025-11-11 · Post IPO Debt · $300M
2024-06-05 · Post IPO Debt · $400M
1986-11-14 · IPO
Company data provided by crunchbase