Mutual of Omaha
Architect II – Application Security (DevSecOps Focus)
Full details on LinkedIn
The complete job description, requirements, and application details are available on the original posting.
About Mutual of Omaha
Mutual of Omaha is a Fortune 500 mutual insurance and financial services company based in Omaha, Nebraska. Founded in 1909, it operates as a mutual company owned by its policyholders. The company provides a wide range of insurance and financial products to individuals, businesses, and groups across all 50 U.S. states, with over 6.7 million policies in force and more than 19 million members. The company offers various products, including life insurance, annuities, Medicare Supplement insurance, dental insurance, disability insurance, and long-term care coverage. Mutual of Omaha has a strong commitment to community involvement, supporting numerous nonprofits through the Mutual of Omaha Foundation and encouraging employee volunteerism. With a history of innovation and stability, the company has maintained a significant financial presence and continues to focus on serving its customers effectively.
Security at Mutual of Omaha
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
- Mutual of Omaha's AppSec philosophy centers on a DevSecOps strategy that emphasizes embedding security controls, testing, and policy enforcement directly into CI/CD pipelines.
- Their mission is to safeguard the confidentiality, integrity, and availability of systems while transitioning security to a 'second line of defense' through decentralization.
- They are also proactively addressing modern development trends by establishing governance for AI-assisted development workflows and autonomous DevOps agents.
Security Team
- Mutual of Omaha's security organization is led by Jason Hamilton, Chief Information Security Officer (CISO).
- The team includes leadership figures such as Mike Quast.
- The company is currently transitioning its security model, moving toward a 'second line of defense' structure where security responsibilities are increasingly decentralized to other business areas.
- Active recruitment is ongoing for high-level roles including an Architect II for Application Security, an Engineer for Machine Identity Management, and an IS Security Developer focused on SailPoint Identity IQ.
Key Initiatives
- Current initiatives include the evolution of application security telemetry and detection to feed into enterprise monitoring.
- The team is actively establishing security governance and guardrails for AI-driven development, including LLM-assisted coding.
- Operational workflows are focused on machine identity management, including the full lifecycle of digital certificates and the automation of issue triage and remediation from discovery through resolution.
Preparing for an AppSec interview?
Get the weekly briefing 2,000+ security pros trust.