Responsibilities
- Design and implement security solutions while continuously validating their effectiveness to safeguard organizational systems and data.
- Act as a strategic bridge between Security, Infrastructure, and Engineering to build a unified security architecture that enables secure AI innovation, supports business goals, and complies with regulations.
- Establish architectural standards featuring built-in automation for monitoring and self-repair across multi-cloud platforms.
- Support enterprise-wide security governance by managing control assurance and collaborating with business units to gather and evaluate audit evidence for executive review.
- Enhance incident response readiness by maintaining documentation and engaging in training simulations to counter evolving threats.
- Create and manage a Security Architecture roadmap that maintains robust protection while supporting strategic business initiatives.
- Lead automation initiatives for existing and new security processes to improve efficiency and minimize manual effort.
- Build the architectural foundation for secure AI deployment, including model security, data privacy, and orchestration of autonomous agents.
- Design advanced multi-cloud infrastructures with programmatically enforced, globally uniform security controls.
- Provide technical expertise on securing CI/CD pipelines and managing security configurations in GitHub and SaaS development environments.
- Continuously evaluate security systems to detect vulnerabilities using risk assessments, penetration testing, and scanning tools, then develop remediation strategies.
- Guide teams on secure development practices, encryption methods, authentication mechanisms, and access management.
- Collaborate with IT, Engineering, Legal, Finance, Insurance Operations, and external auditors during compliance assessments as needed.
- Generate security metrics and reports for leadership, including actionable recommendations that meet security standards and audit requirements.
- Analyze emerging security technologies, trends, and threats to strengthen organizational defenses.
- Review and contribute to security process documentation that ensures compliance with internal policies and regulatory mandates.
- Study, interpret, and apply state-level cybersecurity and privacy regulations relevant to the insurance sector.
- Support responses to external inquiries about the security program, providing detailed technical answers including on governance matters.
- Perform additional assigned tasks as required.
Work Arrangement
Hybrid
Other
- The company participates in the E-Verify Program.
- Flexible remote and hybrid work options are available, along with competitive benefits, equity, and career development opportunities.
- The organization is driven by a team that operates with precision, purpose, and empathy.
