So, what’s the role?

We welcome people from all backgrounds who are driven by a passion for keeping data and technology secure. As the Director of Security at Kin, you will be leading the security function and driving security efforts at Kin. This role has a dual reporting line to the VP of Cloud Operations and the Chief Legal Officer at Kin. This is a highly visible and instrumental role in which you will be responsible for developing, implementing, and monitoring security strategy and risk. As a leader, we’ll rely on you to provide the vision and leadership necessary to drive security program development and maturation through people management, compliance, and strategy work. You will be successful if you take a practical and data-driven approach and create solutions that drive higher rates of effective compliance, rather than policies on paper. The security organization is a small, but heavily experienced team so you will be most successful as a player-coach.

A day in the life could include:

• Drive the security steering committee and gather business feedback on major security decisions. Provide stewardship and champion the function to the executive leadership and company.
• Collaborate with the Product, Legal and other teams to develop and maintain Kin’s security strategy, prioritize work, and assist in developing roadmaps and OKRs.
• Provide direction for Kin’s application, data & network protection, and oversee security policy, plan, and standard development and enforcement.
• Define and drive metrics. Drive a results oriented culture and mindset.
• Coordinate internal and external audits across departments and ensure Kin is maintaining compliance with federal, state, and internal security compliance requirements.
• Evaluate new and ongoing security threats and make strategic decisions to mitigate threats to Kin.
• Respond to an active breach and evaluate potential security breaches and coordinate the incident response team through the incident response process. Provide incident remediation recommendations and lead the breach notification process.
• Supervise the security team to ensure OKRs are met, projects are completed by their deadline, and roadblocks are managed.
• Prioritize work requests that come in from other departments.
• Maintains current knowledge of industry and regulatory trends and advancements in technology.
• Manage security risk across Kin, including performing risk assessments and working with stakeholders to address the risks.
• Oversee the development, effectiveness, and testing of disaster recovery plans to ensure critical business operations are recovered within their defined RTO. Lead disaster recovery operations in the event the disaster recovery plan is activated.
• Oversee and approve major system changes that require review from the security team.

I’ve got the skills… but do I have the necessary ones?

• 10+ years work experience in information security or related field
• 4+ years managing teams and people
• 3+ years’ experience leading an information security program.
• Bachelor’s degree in Information Technology, Computer Science, or related field, AND/OR certificates of Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), OR equivalent combination of education and experience.
• Knowledge of applicable governmental & industry rules and regulations such as the following: NIST CSF, PCI, and SOX.
• Expertise in cybersecurity best practices and implementation of cybersecurity frameworks such as the following: SOC 2 Type II.
• Demonstrated ability to effectively build and manage teams, including coordination of ongoing professional development to enhance existing and build new skills.
• Advanced analytical and problem-solving capabilities.
• Knowledge and expertise in security architecture, cloud solutions, frameworks, and cyber technology.
• 3+ years of experience performing security and/or infrastructure solution architecture. AWS certifications are a plus.
• 3+ years of experience overseeing security improvements in Cloud Service Provider (CSP) Commercial environments. Government CSP environment experience is a plus.
• Experience with migrating on premise infrastructure and processes to the cloud.

In addition to being a cloud/saas security expert we want you to be a great leader.

• We want you to paint a compelling picture for the organization and protect the organization from undue risks.
• Lead the team with passion, vision and empathy.
• Strong communication, collaboration, and management skills. We cannot emphasize enough how important this is!

Oh, and don’t worry, we’ve got you covered!

• Medical, Dental, Vision, Disability and Life Insurance
• Flexible PTO policy
• Remote work
• Generous equity package
• 401K with company match
• Parental leave
• Continuing education and professional development
• The excitement of joining a high-growth Insurtech company and seeing your work make an impact