Senior Product Security Engineer at Red Hat focusing on security and compliance for digital sovereign products while collaborating across global teams and enhancing automation.
About the role
- Information Security GRC Program Senior Manager directing security governance, risk, and compliance functions at Kemper. Leading a team to ensure audits, exams, and control frameworks are maintained effectively.
Responsibilities
- Lead, coach, and develop a team of GRC professionals; set goals, performance expectations, and development plans aligned to program outcomes.
- Establish operating rhythms, playbooks, and quality standards for control documentation, testing/validation, evidence management, and reporting.
- Manage team capacity and prioritization against enterprise commitments (audits, exams, strategic initiatives, remediation).
- Own the Information Security GRC operating model, including control governance, control testing/validation cadence, evidence management, and exception management.
- Maintain and mature the security control framework and control library; ensure alignment to applicable regulatory and contractual requirements (e.g., insurance regulators, NYDFS, SOX ITGCs, Bermuda Cyber Code of Conduct, PCI DSS, privacy/security obligations).
- Govern the policy lifecycle (reviews, approvals, publication, training/attestation inputs, and adoption tracking) and ensure alignment between policy, standards, and procedures.
- Serve as the senior security lead for internal/external audits, regulatory exams, and assurance activities.
- Coordinate evidence collection, response narratives, and stakeholder alignment; ensure timely delivery and consistency across requests.
- Drive remediation governance for security findings, control gaps, and formal commitments; monitor execution and remove blockers through structured escalation.
- Validate remediation completion and evidence quality prior to closure; reduce repeat findings by ensuring root causes are addressed.
- Develop and maintain KPIs/KRIs and executive-ready reporting on control health, audit readiness, open issues, remediation status, and program maturity.
- Present decision-grade updates to the CISO and governance forums; support Board/Risk Committee reporting with clear themes, trends, and required decisions.
Requirements
- Bachelor’s degree in Information Security, Risk Management, Business, IT, or a related field (or equivalent experience).
- 8+ years of progressive experience in information security governance, risk, compliance, audit, or related disciplines.
- 3+ years of people management experience (direct reports) with demonstrated ability to build, coach, and scale a high-performing team.
- Demonstrated success leading cross-functional programs and driving accountability without direct authority.
- Strong understanding of security governance and control frameworks (e.g., NIST CSF, ISO 27001, CIS Controls) and experience mapping controls to regulatory obligations.
- Proven experience managing audits/regulatory exams, evidence, control testing/validation, and issue remediation governance.
- Excellent written and verbal communication skills; ability to translate control and compliance topics into business risk and outcomes.
Benefits
- Qualify for your choice of health and dental plans within your first month.
- Save for your future with robust 401(k) match, Health Spending Accounts and various retirement plans.
- Learn and Grow with our Tuition Assistance Program, paid certifications and continuing education programs.
- Contribute to your community through United Way and volunteer programs.
- Balance your life with generous paid time off and business casual dress.
- Get employee discounts for shopping, dining and travel through Kemper Perks.
Job title
Job type
Experience level
Salary
Degree requirement
Location requirements
Security Engineer safeguarding K - 12 student data in several locations for EduTech startup. Designing secure software systems and ensuring data protection to comply with privacy standards.
Security Engineer focusing on data protection and privacy for Kira Learning's educational technology. Safeguarding K - 12 student data while collaborating with engineering teams on secure software development.
Senior Cybersecurity Engineer responsible for protecting Advansys and its clients' IT infrastructure. Designing, implementing, and managing security solutions, while mentoring junior engineers.
Security Engineer responsible for incident response and security protocol design at Sinch. Joining a global team to safeguard sensitive information and enhance cybersecurity measures.
Content Developer creating engaging and effective learning materials for coding education online. Collaborating with a team to develop tailored resources for K - 12 learners in Egypt.
Campus Security Officer ensuring safety at Bright Horizons early childcare centers in Seattle. Responsible for access control, surveillance, and emergency response.
Sounding and Security Watch responsible for Navy asset security at NSF Diego Garcia. Conducting checks and ensuring safety during designated watch hours with strong situational awareness.
Sales Enablement Manager creating technical content for Upwind Security. Collaborating across teams to translate cloud security concepts into clear narratives for engineers and security leaders.
Security Engineer designing and implementing security measures to protect Snap Inc.'s infrastructure. Collaborating across teams while focusing on threat detection and response strategies.