• Designing, implementing, and operating identity and authorization platforms used across internal and external services • Defining and evolving authentication and authorization patterns based on OAuth 2.0, OpenID Connect, and token-based security • Supporting and improving API security using API Gateway technologies, preferably Kong, including authentication flows, rate limiting, and policy enforcement • Collaborating with engineering teams to securely integrate identity solutions into APIs and services • Building and maintaining infrastructure using Infrastructure as Code (Terraform) • Operating and securing Kubernetes-based workloads and identity-related services • Contributing to cloud architecture decisions with a strong focus on security, resilience, and scalability • Partnering with DevOps and SRE teams to improve observability, incident response, and operational excellence • Participating in security reviews, threat modeling, and architecture design discussions • Defining best practices, documentation, and reference architectures for identity and access management • Continuously learning and staying current with modern identity, cloud security, and platform engineering practices

• Design and implement SAP Identity Authentication Service (IAS) and Identity Provisioning Service (IPS) architectures • Integrate SAP BTP with corporate IdPs (Azure AD, Entra ID, AD, LDAP, SAML, OAuth2, OpenID Connect) • Configure Single Sign-On (SSO), MFA, Conditional Access, and Trust configurations • Manage user lifecycle, role mapping, and automated provisioning/de-provisioning across SAP systems Security & Compliance • Implement and govern SAP Cloud Identity Services (CIS) best practices • Define security standards for BTP applications, APIs, AI services, and integrations • Support compliance requirements (ISO 27001, GDPR, SOC, internal security policies) • Conduct security reviews, risk assessments, and audits for SAP BTP landscapes BTP & AI Enablement • Secure AI-enabled SAP services (e.g., SAP AI Core, AI Launchpad, Joule, custom AI apps on BTP) • Ensure secure access to APIs, data, and AI models using OAuth2, XSUAA, and service bindings • Collaborate with SAP architects, AI teams, and developers to embed security by design Operations & Governance • Monitor and troubleshoot authentication, provisioning, and authorization issues • Establish identity governance, access reviews, and logging/monitoring strategies • Create security documentation, standards, and operational runbooks

Job Details The stated pay range is based on a national average location. Actual salary is determined by factors including relevant work experience, skills and location. This position is bonus-eligible. CNO Financial Group’s IT Team is hiring a Sr. IT Identity Security Engineer to serve as the senior Identity and Access Management (IAM) Identity Automation (IA) security expert and communicate security-related concepts to technical and non-technical team members as it relates to automated Identity provisioning and governance. The Sr IT Security Engineer will also lead the design and implementation of IAM IA security tools and technologies for the company. This role monitors and controls performance and status of all security systems related to the IA program. This is your opportunity to optimize system resources to enhance the effectiveness and security of the IA environment. As a Sr. IT Identity Security Engineer, your responsibilities will include: - Planning, designing, implementing, and maintaining identity security-related technologies primarily using CyberArk - Participating in projects as required; analyzing, designing, developing, and implementing security solutions which protect the information assets while enabling business functionality. - Utilizing security software and hardware tools to identify and diagnoses problems affecting identity information security tools and systems providing 2nd and 3rd tier operational support. - Providing identity information security expertise and consulting to internal IT, business system owners, and other stakeholders. - Performing product and solution life cycle management ensuring capacity, integrity and availability of all security systems. - Aligning technologies to support overall strategy and information security framework specifically related to the identity automation program. - Ensuring new and existing identity products conform to information security policies, standards, and best practices. - Conducting research on emerging technologies in support of enterprise operations. - Reviewing new and existing system designs for compliance with security standards and best practices. The Sr. IT Identity Security Engineer position is well-suited for you if you: - Possess strong knowledge in Identity products and Privileged Access solutions - Have a strong background in systems administration - Understand of security concepts, practices, and procedures - Have a strong understanding of information security technologies (e.g., virus detection, firewall, content filtering, VPNs, IDS/IPS) - Can demonstrate implementation of access alerting, monitoring and dashboard integration preferably with Splunk or similar SEIM products What you’ll need: - Typically requires a Bachelor’s degree in Information Systems/Business or related field, or equivalent professional experience - Typically requires a minimum of 5 years of experience in cybersecurity or related technical discipline (infrastructure, etc.) - Prior experience with CyberArk or similar PAM products What will set you apart: - Prior experience with SailPoint and/or Ping - Applicable security or CISSP certifications preferred. - A passion for staying up to date on emerging technologies and industry trends - Prior experience in highly regulated organizations. The Company offers the following benefits for this position, subject to applicable eligibility requirements: - Medical insurance - Dental insurance - Vision insurance - 401(k) retirement plan with company match - Short-term & long-term disability insurance - Paid time-off and corporate holidays, - Paid parental leave - Company paid life insurance Click on this link for additional information. CNO embraces flexibility and encourages you to work where you’re most productive. Associates who live within a 60-mile radius of a corporate office (Birmingham, Carmel, Chicago, Orlando and Milwaukee) have access to come into that office.  Associates who live outside of a 60-mile radius of a corporate office (Birmingham, Carmel, Chicago, Orlando and Milwaukee) may perform this role full-time work from home (WFH) from any US based location, as long as you are willing to work central or eastern time zone hours.   All associates may be asked to travel to varying corporate offices periodically. Work cannot be performed from outside of the United States. CNO provides life and health insurance, annuities, financial services, and workforce benefits solutions through our family of brands and supported by our associates and agents. Our customers work hard to save for the future, and we help protect their health, income and retirement needs with 3.2 million policies and more than $35 billion in total assets. Our 3,400 associates, 8,600 exclusive agents and independent partner agents guide individuals, families and businesses through a lifetime of financial decisions. We are financially strong and well positioned for continued growth, and we are grounded in our core values of People Focused, Integrity, Customer Driven, and Excellence. We have offices in more than 260 communities in the U.S., including our headquarters in Carmel, Indiana, and corporate offices in Birmingham, Chicago, Orlando and Milwaukee. At CNO Financial Group, we’re always looking forward—to the security and stability we help create for our insurance brands’ customers, and the growth we create within our own company. We're looking for ambitious people who want to do more. We'll provide you with opportunities to grow your skills through challenging professional experiences. If you're looking for a culture that encourages development, helps you reach your potential, and rewards you for your contribution, then CNO Financial Group is right for you. For more information, visit CNOinc.com. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. Compensation Pay Range: $107,800.00 - $161,800.00 Annual We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Role Description The Functional Lead will be responsible for collaborating with multiple internal stakeholders to assist with functional planning, establish scope/requirements, solution design, documentation, and testing solutions. In addition, the Functional Lead will be responsible for reviewing and managing updates to business processes to achieve project goals and will help to serve as a liaison between the business stakeholders and project development teams to implement the project scope. Job Responsibilities - Collaborate with stakeholders to identify scope/requirements for the network enhancements. - Review existing policies and identify requirements and support design, and test of network updates. - Document requirements, design, test cases (and result) and manage review and updates. - Quality Assurance/Test support Post implementation support/transition. Qualifications - Bachelor’s degree Requirements - Functional Requirements Analysis – Intermediate - Business Requirements – Intermediate - Network and Service Management – Intermediate - Network Infrastructures – Intermediate - Stakeholder Engagement – Intermediate Desired Skills - Agile Methodologies – Intermediate - Business Process Design – Advanced - Risk Management – Advanced Benefits Employees hired through this process will join MGPS and receive a comprehensive benefits package and competitive pay. Company Description Since 1999, ITEC has delivered mission-critical support to the DoD and Intelligence Community. Now part of ManpowerGroup Public Sector (MGPS), we continue that work with expanded capabilities.