Cyber Security Review Program Lead
Pacific Life · Omaha, Nebraska · Posted Jul 6, 2026
Apply on company site Track it in JobSkout
Job Description
Providing for loved ones, planning rewarding retirements, saving enough for whatever lies ahead – our policyholders count on us to be there when it matters most. It’s a big ask, but it’s one that we have the power to deliver when we work together. We collaborate and innovate – pushing one another to transform not just Pacific Life, but the entire industry for the better. Why? Because it’s the right thing to do. Pacific Life is more than a job, it’s a career with purpose. It’s a career where you have the support, balance, and resources to make a positive impact on the future – including your own.
We’re actively seeking a talented Senior Security Engineer to join the Engineering department within our Operational Risk and Resilience (OR&R) team. In this role, you’ll play a key part in identifying, assessing, and communicating cyber and IT risks to support effective enterprise risk management. Owning the design, governance, and delivery of our Security Review program, you'll serve as the subject matter expert for how the organization identifies and manages cyber and IT risk introduced through new purchases, projects, and technology changes. You'll operate independently, engaging directly with stakeholders across business functions including Procurement, IT, Risk, and others to embed risk identification early into organizational decision-making and implementation. Working closely with the Engineering Service Lead and Service Manager, you'll help shape service strategy while maintaining full accountability for the program's effectiveness, consistency, and maturity.
This role can be located in our Newport Beach, California or Omaha, Nebraska office and is classified as hybrid, working four days per week on‑site and one day remote.
How You’ll Help Move Us Forward
- Own the end-to-end design, governance, and continuous improvement of the Cyber Security Review program, including methodology, standards, intake processes, and review frameworks that ensure consistent and scalable execution
- Lead reviews of new technology projects, purchases, and organizational changes, ensuring cyber and IT risk considerations are identified and addressed before implementation
- Conduct re-reviews of existing critical applications, identifying control gaps, emerging risks, and areas requiring remediation or formal risk acceptance
- Manage the relationship, execution, and oversight of our external managed service provider supporting the security review process
- Define and maintain meaningful program metrics, reporting, and stakeholder communications that create transparency into review activity, risk findings, and program performance
- Identify and execute on opportunities to improve program effectiveness through process innovation, tooling, automation, or the application of emerging technologies such as AI
- Partner with the Engineering Service Lead and Service Manager to align program strategy with broader service objectives, contributing to roadmaps and capability development
The Experience You Bring
- 6+ years of experience in security engineering, risk management, or a related technical discipline within a large enterprise environment
- Demonstrated experience owning or leading a security review, risk assessment, or related program, including responsibility for methodology design, process governance, and delivery outcomes
- Deep technical experience across a broad range of technologies to support thorough and effective security assessments
- Experience conducting security reviews of technology projects, system changes, or application portfolios, with the ability to identify control gaps, design weaknesses, and areas of elevated risk
- Strong process design and improvement experience, with the ability to build structured, repeatable, and scalable review processes from the ground up or mature existing ones
- Experience engaging independently with technical and non-technical stakeholders, balancing constructive partnership with objective, independent challenge
What Makes You Stand Out
- Familiarity with project intake, change management, or architecture review processes, and how security risk oversight integrates into those workflows
- Risk management experience aligned with frameworks such as NIST Cybersecurity Framework, COBIT 2019, or the NIST Privacy Framework
- Experience building or maturing a security review program, including developing standards, templates, or playbooks that drive consistency at scale
- Previous experience as a senior individual contributor, acting lead, or subject matter authority, with a track record of influencing outcomes without formal people management responsibilities
- Strong interpersonal skills with the ability to establish credibility, build trust, and drive alignment across technical and business stakeholders
- Experience working in a global organization, partnering with stakeholders across multiple time zones
Desired Behaviors
- Drives continuous improvement by consta…