Chief Information Security Officer

Position: Chief Information Security Officer

Location: Greater Salt Lake City, UT (Remote)

Duration: 6 Months

Weekly commitment: 24 hours

Note: This is a part-time role, and this engagement needs candidate to support project for 24 hours in a week only.

JD:

• Lead security strategy and governance aligned with the company s business objectives and risk appetite, defining the security roadmap, budget priorities, and measurable maturity targets tailored to insurance domain needs (underwriting, policy admin, claims, actuarial systems).
• Own enterprise risk management and compliance programs, conducting risk assessments, vendor/third party risk reviews, and ensuring adherence to relevant regulations and frameworks (state insurance regulators, NAIC guidance, SOC2/ISO/GDPR/other applicable standards).
• Oversee security operations and incident management, including SOC performance, threat detection and response, tabletop exercises, forensics, coordination with cyber insurance carriers, and crisis communications to minimize business disruption and regulatory exposure.
• Ensure protection of customer and financial data through secure architecture and controls: identity and access management, encryption, DLP, secure cloud/on prem designs, DevSecOps practices, and controls for integrations with brokers, carriers, and payment systems.
• Drive leadership, culture, and stakeholder engagement by advising the executive team and board on cyber risk, supporting M&A and regulatory exams, selecting and managing security vendors, developing security talent, and delivering clear metrics and reporting.