Chief Information Security Officer (Insurtech)
Job description
TL;DR
Chief Information Security Officer (Cybersecurity): Leading cybersecurity strategy, security operations, and GRC across the enterprise with an emphasis on protecting systems, data, and customers in a regulated environment. Focus on managing SOC 2 programs, navigating SOX audit cycles, and ensuring compliance with state and federal insurance regulations.
Location: Hybrid (Austin, TX / Morristown, NJ). Must be based in the US.
Salary: $237,500 - $390,000
Company
is a tech-native diversified carrier platform that uses technology and data to help customers protect their homes and simplify homeownership.
What you will do
- Execute and evolve the enterprise cybersecurity strategy aligned with business risk and regulatory requirements.
- Lead security operations, including threat detection, incident response, vulnerability management, and threat intelligence.
- Own the SOC 2 program end-to-end, including control design, audit preparation, and remediation.
- Manage identity governance, privacy, data protection strategy, and third-party vendor risk management.
- Report on cybersecurity posture, risk trends, and incident activity to the Board of Directors and Audit and Risk Committee.
- Build, mentor, and develop the cybersecurity team and embed security into the engineering culture.
Requirements
- 10+ years of experience in cybersecurity, with at least 5 years in a senior leadership role (CISO, VP, or Head of Security).
- Experience at a regulated, publicly traded company, including direct involvement in SOX audit cycles.
- Proven track record of building security operations and owning SOC 2 programs.
- Strong GRC background with experience maintaining risk registers, policy frameworks, and control libraries.
- Ability to effectively communicate cybersecurity risk to board-level executives and regulators.
- Must be based in or able to work from Austin, TX or Morristown, NJ.
Nice to have
- Experience in the insurance, Insurtech, or fintech industries.
- Relevant certifications such as CISSP, CISM, CRISC, or CISA.
- Familiarity with privacy frameworks and data protection requirements (e.g., CCPA/CPRA).
- Background in security engineering or application security.
Culture & Benefits
- Comprehensive medical plans, plus 100% employer-covered dental and vision plans.
- 401(k) retirement plan, equity compensation, and life insurance.
- Flexible time off policy to ensure team members can recharge.
- 12 weeks of parental leave for primary and secondary caregivers.
- Onsite perks including catered lunches, snacks, and drinks.