Alternate Locations:Atlanta, GA (Georgia); Concord, NH (New Hampshire); Fort Wayne, IN (Indiana); Greensboro, NC (North Carolina); Hartford, CT (Connecticut); Omaha, NE (Nebraska); Philadelphia, PA (Pennsylvania); Radnor, PA (Pennsylvania); Rolling Meadows, IL (Illinois)Relocation assistance is not available for this opportunity.Requisition #56132About the CompanyLincoln Financial Group, a Fortune 250 company with over 10,000 employees, provides advice and solutions that help empower Americans to take charge of their financial lives with confidence. Our core business areas Life Insurance, Annuities, Retirement Plan Services and Group Protection focus on supporting, preserving and enhancing over 17 million customers lifestyles and retirement outcomes.Headquartered in Radnor, Pennsylvania, Lincoln Financial Group is the marketing name for **MEMBERS ONLY**SIGN UP NOW***. (NYSE: LNC) and its affiliates. The company had $253 billion in assets under management as of December 31, 2017.Ranked one of the Best Large Employers in America by Forbes magazine, Lincoln Financial Group makes a serious investment in our employees futures through a broad range of wealth accumulation and protection plans, health and wellness programs, and career development resources designed to help each individual reach their personal and professional goals.The RoleThis position will conduct information security risk assessments on parties external to Lincoln Financial Group (Lincoln) in order to ensure that information security risks associated with those relationships are within acceptable tolerances. In addition, she/he will help Lincoln develop new business and maintain existing customer relationships by responding to requests from external parties concerning Lincoln's own information risk management practices.ResponsibilitiesDetermine information security risk profiles for various vendor and business partner services using questionnaires and knowledge of Lincoln policy and relevant industry best practices and standards.Clearly and professionally communicate information security risks associated with external party services to Lincoln business unit personnel and business leaders.Assess external party information security controls to ensure they meet or exceed Lincolns information security risk management requirements for the services to be provided.Recommend solutions to eliminate, reduce, or mitigate risk, and communicate said solutions to both external parties and internal business stakeholders.Record pertinent documentation and communications for all assessments in Lincolns online information technology (IT) governance, risk, and compliance platform.Report status of engagements to Information Security management, project managers, and other business stakeholders as appropriate.Determine the priority and scope of requests from external parties for information concerning Lincolns information security practices.Respond to incoming requests from external parties for information concerning Lincolns information security practices by providing appropriately scoped and accurate information in a timely and professionally written manner.Education4 Year/Bachelors Degree or equivalent work experience (4 years of experience in lieu of Bachelors) in (Minimum Required)Experience3 - 5 Years of experience in IT audit, information security, or information risk management that directly aligns with the specific responsibilities for this position. (Required)Possession and continual application of the following character traits: dependability, integrity, decisiveness, tact, courage, enthusiasm, and sound judgement.Working knowledge of common information security concepts, practices, and technologies, including best practices for:Network defense and secure network designNetwork, operating system, and application vulnerability managementSecure software developmentLogging and monitoringIdentification, authentication, and authorization mechanismsAccount provisioning, review, and de-provisioningData loss preventionGeneral knowledge of industry standard security frameworks, including the NIST Cybersecurity Framework.General knowledge and understanding of regulatory compliance mandates concerning data protection, including HIPAA, GLBA, and various state laws and regulations.General knowledge of IT audit and assessment concepts and practices.General knowledge of common web application vulnerabilities preferred.Industry certification preferred, including but not limited to CISSP or CISM.Prior insurance or financial services industry experience preferred.#LI-POSTThis position may be subject to Lincolns Political Contribution Policy. An offer of employment may be contingent upon disclosing to Lincoln the details of certain political contributions. Lincoln may decline to extend an offer or terminate employment for this role if it determines political contributions made could have an adverse impact on Lincolns current or future business interests, misrepresentations were made, or for failure to fully disclose applicable political contributions and or fundraising activities.Any unsolicited resumes/candidate profiles submitted through our web site or to personal e-mail accounts of employees of Lincoln Financial Group are considered property of Lincoln Financial Group and are not subject to payment of agency fees.Lincoln Financial Group (LFG) is an Equal Opportunity employer and, as such, is committed in policy and practice to recruit, hire, compensate, train and promote, in all job classifications, without regard to race, color, religion, sex (including pregnancy), age, national origin, disability, sexual orientation, gender identity and expression, veterans status, or genetic information. Applicants are evaluated on the basis of job qualifications. If you are a person with a disability that impedes your ability to express your interest for a position through our online application process, or require TTY/****.