| |
|
WHAT WE CAN OFFER YOU:
- Estimated Salary: Minimum: $112,000 MidPoint: $151,000 Maximum: $190,000, plus annual bonus opportunity.
- 401(k) plan with a 2% company contribution and 6% company match.
- Work-life balance with vacation, personal time and paid holidays. See our benefits and perks page for details.
- Applicants for this position must not now, nor at any point in the future, require sponsorship for employment.
|
| |
| |
|
WHAT YOU'LL DO:
-
Lead the DevSecOps strategy by defining how application security controls, testing, and policy enforcement are embedded into CI/CD pipelines, including AI-assisted development workflows and agent-driven automation, to support rapid, secure software delivery.
-
Architect security-by-design patterns for modern and AI assisted application development, including secure frameworks, reusable controls, and pipeline integrations that developers can adopt with minimal friction.
-
Partner with engineering and platform teams to integrate security requirements into build, test, deployment workflows, and AI-enabled development workflows, ensuring emerging AI coding practices align with secure SDLC expectations and aligning security outcomes with business and delivery objectives.
-
Establish security governance and guardrails for AI-driven development trends, including LLM-assisted coding, autonomous DevOps agents, and AI-generated code, ensuring appropriate review, traceability, and risk management as these capabilities expand across the organization in coordination with AI governance and engineering teams.
This role is critical to helping Mutual of Omaha move faster while staying secure. You will shape how security enables software delivery, ensuring teams can innovate confidently while protecting our customers, data, and brand.
|
|
WHAT YOU’LL BRING:
- Framework fluency, including OWASP Top 10, ASVS NIST CSF 2.021, and MITRE ATT&CK, with the ability to operationalize them within DevSecOps workflows.
- Technical Experience, 5–10 years of progressive experience in application development, platform engineering, or application security, with demonstrated ownership of designing and embedding scalable application security capabilities into DevSecOps pipelines, including integrating standards as policy, developing architectural patterns, integrating technology within the CI/CD pipeline, leveraging AI to improve throughput and security, and developing systematic approaches to vulnerability remediation adopted across multiple teams or platforms.
- Strategic application security mindset with the ability to translate risk, threats, and regulatory requirements into practical DevSecOps controls that scale across teams.
- Hands-on DevSecOps experience, including integrating SAST, DAST, SCA, IaC scanning, secrets detection, and policy enforcement into CI/CD pipelines.
-
Strong automation and pipeline integration skills, leveraging scripting, APIs, AI tooling and security platforms to streamline secure development and reduce manual processes.
-
Cloud-native application security expertise, including secure design patterns for AWS and SaaS platforms, identity-driven access controls, and secure service-to-service communication.
-
Influential communication and leadership skills, with experience guiding developers, mentoring engineers, and aligning technical security decisions with business priorities.
- You promote a culture of diversity and inclusion, value different ideas and opinions, and listen courageously, remaining curious in all that you do.
- Able to work remotely with access to a high-speed internet connection and located in the United States or Puerto Rico.
|
|
PREFERRED:
- Bachelor's Degree in IT Security, Computer Science or related field.
-
Security or architecture certifications, such as CISSP, ISSAP, CSSLP, CASP+, CASE or relevant GIAC certifications.
-
Proven experience delivering architecture artifacts, such as secure reference architectures, threat models, and developer-facing security standards that improve adoption and consistency.
-
Proven experience in CI/CD Pipeline Technologies, such as GitHub, JFrog Xray, Wiz, SonarCube, etc.
|
|
We value diverse experience, skills, and passion for innovation. If your experience aligns with the listed requirements, please apply!
If you have questions about your application or the hiring process, email our Talent Acquisition area at careers@mutualofomaha.com. Please allow at least one week from time of applying if you are checking on the status.
Stay Safe from Job Scams
Mutual of Omaha only accepts applications from mutualofomaha.com/careers. Legitimate communications will come from '@mutualofomaha.com.' We never request sensitive information or extend job offers without conducting interviews. For more details, check our Hiring FAQs. Stay alert for scams and apply securely!
Fair Chance Notices
|
