Enterprise Security Manager
Privilege Underwriters, Inc. is the insurance holding company dedicated to creating an exceptional experience for responsible high net worth individuals and families that are members of Privilege Underwriters Reciprocal Exchange (PURE). The Enterprise Security Manager is a key member of our infrastructure team reporting to the SVP, Member Experience and Administration and will be based out of our White Plains, NY headquarters. The primary goal of this position is to assist in the implementation and eventually oversee the design of PURE Insurance’s cyber and physical security programs to ensure the protection of PURE’s digital intellectual property and physical assets, as well as that of its employees, members, brokers, and visitors.
Duties and Responsibilities
- Helps to ensure a strong security posture across the organization with a high degree of operational readiness and capability to respond to continuously evolving threats, breaches and vulnerabilities;
- Fosters a security-oriented culture throughout PURE via effective awareness, testing, and outreach programs;
- Develops and executes on solutions (policies, practices, tools) that aim to protect enterprise systems and sensitive data;
- Gets involved in all aspects of the cyber and physical security program, including but not limited to threat & vulnerability management, incident response, and data & information protection;
- Develops and manages key external relationships with security service providers, vendors, as well as industry forums to augment the capabilities of the internal security staff;
- Assists in developing a security governance program that ensures compliance with applicable regulatory frameworks, and establishes trusted relationships throughout the company to ensure it is followed.
- Partners and works closely cross-functionally with several stakeholder groups including Underwriting and Claims.
Technical Experience and Skills
- 6-10 years’ experience in an IT assurance type position focusing on general computing controls, cybersecurity, and IT audit;
- A Bachelor’s Degree from a 4 year MIS or Security/Cyber program;
- Deep understanding of technical security concepts and familiarity with related technologies and infrastructure, as well as a solid conceptual knowledge of enterprise IT system operations;
- Experienced in going through security and IT control audits similar to ISO and/or SOC-2.
- Exceptional interpersonal, listening, written, and oral communication skills;
- Keen attention to detail and solid problem solving skills;
- Passionate about the craft itself, and continuous learning around security threat trends;
- Extremely organized and can juggle multiple projects simultaneously;
- Ability to demonstrate integrity, exhibit team spirit and enthusiasm, and establish trust and credibility;
- Agile learner who can quickly absorb information and apply it to current situations with a tremendous amount of flexibility;
- Open to getting in the weeds of the tactical work as well as the strategy aspects of the role.
PURE Group of Insurance Companies
High Value Personal Lines Property & Casualty Insurance
Company Type: Privately Held
Company Size: 201-500