VP of Information Security

Please be aware of certain scams by fake recruiters offering remote jobs via Telegram, WhatsApp, and other unconventional means of communication. All communication for roles at Insurify will come from the email domain @Insurify.com. If you receive communication from any other source, please do not share any personal information. Instead, block and report them.

Why us?

Insurify is one of America's fastest-growing MIT FinTech startups and has been recognized as one of Inc. 5,000's fastest-growing private companies in America of 2023, 2022, and 2021, Forbes Fintech 50 List for 2023, 2022, 2021, Forbes Next Billion Dollar Startups of 2022 global and Top 100 InsurTech company. We're changing the way millions of people compare, buy, and manage insurance with artificial intelligence, technology, and superior product design. Our company vision is to be recognized as the preeminent and most trusted digital agent for insurance comparison, purchase, and management. Our team is critical to achieving our vision, and fostering the right culture is essential to our team's success.

Join us if you like

• $1.3 Trillion market opportunity.
• MIT alumni founders.
• Female-led startup.
• $130M total funding.
• Strong leadership team with experience from many successful startups around the world.
  
  

About the role

The VP of Information Security will be responsible for designing, implementing, and overseeing the company's security architecture. This role will involve close collaboration with software development, DevOps, IT, and executive teams to ensure that security is deeply integrated into all aspects of our technology stack, infrastructure, and business processes. You will also be tasked with leading the organization's security operations, managing incidents, and ensuring compliance with industry standards such as SOC2 and NIST CSF.

Key Responsibilities:

• Security Strategy & Leadership:
• Develop and lead the execution of the company's security strategy across all technical and operational areas.
• Advise the executive leadership team on security risks, regulatory requirements, and risk mitigation.
• Stay updated on industry best practices, security threats, and ensure proactive defenses.
• Security Architecture & Implementation:
• Design and maintain security architecture, ensuring best practices in secure software development, data encryption, access management, and cloud infrastructure security.
• Work with development teams to implement secure coding practices and integrate security controls into CI/CD pipelines.
• Collaborate with DevOps to secure cloud environments and containerized workloads.
• Risk Management & Compliance:
• Ensure compliance with security frameworks like NIST CSF, SOC2, and other relevant standards.
• Conduct regular security assessments, vulnerability scans, and penetration tests.
• Manage the development and implementation of policies, procedures, and controls to ensure data integrity and security.
• Incident Response & Monitoring:
• Develop and maintain incident response plans, including disaster recovery and business continuity strategies.
• Oversee monitoring, detection, and response to security incidents and ensure effective resolution of any vulnerabilities.
  

What you need to succeed

• Technical Expertise:
• Deep understanding of cybersecurity principles, especially within software development and cloud environments.
• Experience with security frameworks such as SOC2, NIST CSF, ISO 27001, and related standards.
• Proficient in securing cloud platforms and managing security in containerized environments.
• Familiarity with secure development practices (e.g., static/dynamic analysis, vulnerability management, OWASP).
• Experience & Education:
• 4+ years of experience in cybersecurity, with at least 2 years in a leadership role.
• Strong experience working with startups or fast-growing tech companies.
• Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field preferred.
• Professional certifications like CISSP, CISM, CISA, or similar are highly desirable.
• Leadership & Communication:
• Proven track record of leading security initiatives across technical and non-technical teams.
• Excellent communication and presentation skills, with the ability to explain complex security concepts to executives and engineers alike.
• Strong leadership abilities, with experience in scaling security operations as a business grows.
  

We are proud to be an Equal Employment Opportunity and Affirmative Action employer.