Senior Information Security Engineer - IntelliScript (Remote)

What We Do

Milliman IntelliScript is a group of a few hundred experts in fields ranging from actuarial science to information technology to clinical practice. Together, we develop and deploy category-defining, data-driven, software-as-a-service (SaaS) products for a broad spectrum of insurance, health IT and life sciences clients. We are a business unit within Milliman, Inc., a respected consultancy with offices around the world.

Candidates who have their pick of jobs are drawn to IntelliScript's entrepreneurial and collaborative culture of innovation, excellence, exceptional customer service, balance, and transparency. Every single person has a voice in our company, and we challenge each other to push the outer limits of our full, diverse potential. And, we've shown sustained growth that ensures you'll have room to grow your skillset, responsibilities, and career.

Our team is smart, down-to-earth, and ready to listen to your best ideas. We reward excellence and offer competitive compensation and benefits. Visit our LinkedIn page for a closer look at our company, and learn more about our cultural values here.

Milliman invests in skills training and career development and gives all employees access to a variety of learning and mentoring opportunities. Our growing number of Milliman Employee Resource Groups (ERGs) are employee-led communities that influence policy decisions, develop future leaders, and amplify the voices of their constituents. We encourage our employees to give back to their varied professions, including leadership in professional organizations. Please visit our website to learn more about Milliman's commitments to our people, diversity and inclusion, social impact, and sustainability.

What this position entails

As a Senior Information Security Engineer on the Information Security team at Milliman IntelliScript, you'll play a key role in helping us continuously improve our security programs to ensure the safety of our technology, processes and data. This role will encompass tactical and strategic work of putting forward-looking initiatives in place as well as responding to external threats on an ongoing basis, which is a great opportunity for impact across all IntelliScript. We're also modernizing and scaling quickly and are excited to bring someone onboard who can help us proactively tackle challenges - both in the day-to-day operations and anticipated future ones.

As a member of the Information Security team, you will collaborate with members of the Platform Engineering and Software Development teams to plan and implement various security initiatives. The team will look to you for your strategic expertise, reliable execution, and sound judgment to improve and maintain our security infrastructure, along with creating and improving processes for maintaining a secure product and environment.

You will be joining a team that is passionate about technology and helping pave the way for building great products together.

What you will be doing

• Improve, monitor and maintain our Information Security Program
• Execute security initiatives related to infrastructure, product and data
• Contribute to the strategic planning of security work, make strategic recommendations and improvements to our security
• Work with application and cloud engineers to improve the security of various product features
• Design and implement security controls and measures to protect our application and data
• Monitor and analyze security events and incidents and respond promptly to security breaches
• Collaborate with development teams to integrate security best practices throughout the software development lifecycle
• Quickly and proactively respond to incoming security threats
• Continually assess, address and report on the levels of threat and preparedness
• Assist in maintaining compliance with industry standards relevant to our organization

What we need

• 5+ years of relevant experience with 3+ years deep, hands-on AWS experience
• Strong Okta experience: SSO/SAML/OIDC setup, adaptive MFA, app sign-on policies, SCIM, custom auth server and claims, CIAM policies and use cases
• Expert-level AWS IAM: role/permission boundary design, resource policies, cross-account patterns, session management etc.
• Strong API security: OAuth2/OIDC, JWTs; token lifecycles and scopes, experience with API Gateway, schema validation, abuse detection, rate limiting, mTLS
• Proficiency with Terraform and Git-based CI/CD; able to implement policy-as-code and pre-merge guardrails
• Cloud security monitoring/detections: CloudTrail, Config, GuardDuty, CloudWatch etc.
• Scripting/Automation in at least one modern language/framework
• Solid data protection and secrets management using AWS KMS and Secrets Manager; practical cryptography for engineering use

What you bring to the table

• Has a thorough understanding of the field and seeks to enhance technical expertise by staying up to date with industry trends, best practices, and emerging technologies
• Leads problem solving resolution initiatives, integrates cross-functional perspectives, and ensures sustainable outcomes
• Communicates complex information clearly and produces comprehensive documentation with minimal supervision
• Drives projects and tasks forward, making informed decisions and taking responsibility for outcomes
• Collaborates effectively with team members to overcome obstacles, meet deadlines, and achieve shared objectives
• Proactively identifies advanced learning opportunities, mentors peers, and continuously updates skills to maintain industry relevance
• Leads organizational risk management initiatives, designs advanced risk mitigation and contingency plans
• Proactively addresses issues within the team, facilitating open communication
• Takes on additional responsibilities or roles within the team, demonstrating accountability and a commitment to shared objectives

Wish list

• Continued education and/or advanced degree(s)
• Experience in environments subject to HITRUST, HIPAA and/or PCI regulations
• Experience in software-as-a-service, actuarial science, and/or insurance underwriting industry
• Incident Management experience for identity and APIs
• Bot management and advanced WAF tuning

Location

The expected application deadline for this job is May 31, 2026. This position is open to remote work. Applicants must be willing to travel to the Milliman office in Brookfield, WI for an annual team meeting.

Compensation

The overall salary range for this role is $104,900 - $199,065. For candidates residing in:

• Alaska, California, Connecticut, Illinois, Maryland, Massachusetts, New Jersey, Pennsylvania, Virginia, Washington, the District of Columbia, New York City, Newark, San Jose, or San Francisco the salary range is $120,635 - $199,065.
• All other locations the salary range is $104,900 - $173,100.

A combination of factors will be considered, including, but not limited to, education, relevant work experience, qualifications, skills, certifications, etc.

Benefits

We offer a comprehensive benefits package designed to support employees' health, financial security, and well-being. Benefits include:

• Medical, Dental and Vision - Coverage for employees, dependents, and domestic partners.
• Employee Assistance Program (EAP) - Confidential support for personal and work-related challenges.
• 401(k) Plan - Includes a company matching program and profit-sharing contributions.
• Discretionary Bonus Program - Recognizing employee contributions.
• Flexible Spending Accounts (FSA) - Pre-tax savings for dependent care, transportation, and eligible medical expenses.
• Paid Time Off (PTO) - Begins accruing on the first day of work. Full-time employees accrue 15 days per year, and employees working less than full-time accrue PTO on a prorated basis.
• Holidays - A minimum of 10 paid holidays per year.
• Family Building Benefits - Includes adoption and fertility assistance.
• Paid Parental Leave - Up to 12 weeks of paid leave for employees who meet eligibility criteria.
• Life Insurance & AD&D - 100% of premiums covered by Milliman.
• Short-Term and Long-Term Disability - Fully paid by Milliman.

Equal Opportunity

All qualified applicants will receive consideration for employment, without regard to race, color, religion, sex, sexual orientation, national origin, disability, or status as a protected veteran.