Sr Info Sec Assessment Analyst

About Aflac

Aflac, a Fortune 500 company, is an industry leader in voluntary insurance products that pay cash directly to policyholders and one of America’s best-known brands. Aflac has been recognized as Fortune’s 50 Best Workplaces for Diversity and as one of World’s Most Ethical Companies by

We’re the duck. We develop and empower our people, cultivate relationships, give back to our community, and celebrate every success along the way.

Salary Range: $95,000 - $119,000

Job Posting End Date: 1/25/26

• Hybrid:
  If you live within 50 miles of the Aflac offices located in Columbus, GA or Columbia, SC, this role will be hybrid. You will be expected to work in the office for at least 60% of the work week and work from home for the remaining portion. Details of this schedule will be discussed with your leadership.
• Remote:
  If you live more than 50 miles from the Aflac offices, this role will be remote. You will be expected to work from home, within the continental US. Remote employees may be requested to come to the office based on business need; any such requests will be communicated with you in advance.

• Acting with Integrity
• Communicating Effectively
• Pursuing Self‑Development
• Serving Customers
• Supporting Change
• Supporting Organizational Goals
• Working with Diverse Populations

• The ability to interface across the organization with other teams, such as system operations, infrastructure, security personnel, etc.
• Ability to manage supplier relationships.
• Proven ability to assess risks and controls and to identify solutions to reduce risk.
• Demonstrated initiative and commitment for results and the ability to set priorities and manage multiple initiatives.
• A working knowledge of Microsoft Office Suite.
• A solid foundation in compliance frameworks and security management standards (e.g., ISO 27001:2013, COBIT, and NIST).
• Excellent written and verbal communication skills.
• Ability to adjust to changing priorities while multitasking effectively.
• Ability to articulate security concepts to business users.
• Knowledge of security management standards.
• Experience with an IT GRC tool (e.g., Modulo, Archer, etc.).

• Bachelor’s degree in computer science, information systems, risk management.
• Four or more years of related work experience.
• Strong knowledge of information security policies, controls, and processes as well as infrastructure (networks, servers), databases, and Internet technologies.
• Working knowledge of information security related laws, regulations, and industry standards (e.g., FFIEC, GLBA, HIPAA, PCI DSS). Ability to translate these requirements into enterprise‑wide regulatory compliance and risk management processes in support of the Information Security program.
• Experience in financial services or insurance industry.

Or an equivalent combination of education and experience.

• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Information Systems Auditor (CISA)
• Certified in Risk and Information Systems Control (CRISC) or similar certifications.

Less than or equal to 10%.

• Identify, interpret, and communicate information security issues related to Aflac systems and third parties.
• Track and report on the status of issues and remediation plans as a result of the assessment output.
• Keep abreast of industry trends, emerging risks, and legal and regulatory changes, and participate in industry forums (e.g., BITS).
• Meet with business partners and technology teams regarding the integration points with enterprise‑wide processes such as strategic supply/procurement management, legal, security vulnerability management, etc.
• Engage in partnerships with these areas to maintain an understanding of their processes and the inter‑relations with information security processes.
• Work with stakeholders in the third‑party risk management community regarding high risk information security issues associated with third parties.
• Partner with Legal, Sourcing, and Supplier Managers to evaluate and…