• Full Time
  • Anywhere
To help keep everyone safe, we encourage all applicants to pay close attention to protect themselves during their job search. When applying for a position online you are at risk of being targeted by malicious actors looking for personal data. Please be aware we will only reach out via email using the domain BlueOwl.xyz or HiRoad.com. Anything that does not match those domains should be ignored and considered a security risk.
Our Mission
We make good things happen by recognizing and rewarding people for taking the high road. How? By reinventing insurance that celebrates people’s mindful choices.
Insurance was fundamentally a brilliant idea, but it always had a key challenge — it couldn’t identify and acknowledge the positive decisions that individuals made along the way. But when we apply smart mobile technologies, we can. And that’s what we do. We help our customers save on their monthly bill. But more importantly, they join a growing movement of people who dare to live more mindfully because doing so is simply better for everyone.
We’re a well-funded, talent dense team of people who care about using our skills to do good. From data science, to design, engineering, insurance, product, research, user experience and beyond — we believe in people who believe they can make the world even better. Join us, and let’s build the higher path that is HiRoad.

The Role

We are seeking a Manager of Information Security to join our Security team. You will take the helm of Security Incident Response, Security Solutions Engineering & Operations and Security Awareness, to steer their growth, develop long-term strategies, and improve integrations with other functional areas.You will report directly to the Head of Security & Privacy and will play a key role in maintaining the overall security posture of the company.

Your day-to-day:

  • Lead and manage a small team of Security Engineers
  • You will be responsible for building out short and long-term roadmaps for each team based on company priorities; developing and implementing security & privacy policies; defining performance metrics and helping the teams meet them; and working with senior leadership on matters of strategy, planning, and prioritization.
  • Lead and manage a team of Security Engineers and collaborate with cross-functional teams to build secure solutions for systems like identity management, authentication and authorization, security logging, data encryption & tokenization, DLP (Data Loss Prevention), API Gateways, Network Zero Trust, IDS (Intrusion Detection Systems), Firewall and Internet Gateways, Securing Data Warehouse, and Securing Microservices.
  • Collaborate with business teams to integrate security into their projects and consult on engineering and business projects to identify security requirements and then work with those teams to build security solutions to meet those requirements.
  • Manage in-depth security assessments to identify and mitigate potential security risks, stay current with the latest security technologies, trends, and threats, and implement measures to mitigate risks.
  • Develop and maintain security policies, procedures, and best practices for cloud security and application security.
  • Act as a subject matter expert in incident response, security solution engineering and security awareness and provide consultation to other teams within the company.
  • Provide technical guidance and mentorship to security team members.
  • Manage security incidents and participate in a 24/7/365 ID/IR (Incident Detection/Incident Response) rotation, and assist with incident response procedures.

About you:

  • 10+ years experience in security engineering and architecture, with a focus on cloud security security.
  • Bachelor’s degree in Computer Science, Information Security, or a related field and/or relevant experience.

Hard skills 

  • 3 years of experience as a people manager, managing a team of security engineers
  • Certified Information Systems Security Professional (CISSP) or other security certifications.
  • Strong technical skills in AWS, and security technologies such as firewalls, intrusion detection systems, encryption, and network security.
  • Experience with DevOps and continuous integration/continuous deployment (CI/CD) pipelines.
  • Comprehensive knowledge of cloud security best practices and industry standards (e.g. AWS Well Architected Framework, ISO 27001, NIST 800-53, OWASP).
  • Experience with building security roadmaps, services and solutions.
  • Excellent communication, leadership, and interpersonal skills.
  • Ability to think strategically and execute tactically.

Soft skills 

  • Ability to inspire, influence and align internal and external stakeholders
  • Experience leading a diverse team of information security professionals, including security engineers.
  • Excellent communication and listening skills: able to collaborate with both engineers and business users/leaders taking into account cross functional team needs while building roadmaps.
  • Experience with delivering presentations to the leadership team or whole company
  • Ability to coach and develop team members for career development
  • Superior organizational skills, extraordinary attention to detail, and ability to break down a large complex problem or project into small deliverables, all with a mindset toward delivering results
  • Strong situational awareness to identify and escalate matters that require urgent attention.
  • You view your team as your strongest resource, and support & encourage their personal and career development
  • You thrive in high-pressure or crisis situations.

Bonus Points:

  • Hands-on experience with security automation and scripting.
  • Familiarity with the insurance industry or a similar highly-regulated industry.
  • Experience with common SIEM and logging platforms such as Splunk.
  • Experience bridging corporate and on-site networks with cloud environments.
  • Experience building zero-trust infrastructure.
  • Experience with network security, especially using technologies such as Cisco & Palo Alto Networks.
  • Experience automating interaction with third-party cloud services such as GSuite.

Salary: $244,653 to $369,200

  • Important note: all offered salaries are based on many factors, including experience in a similar role and geographic location of the candidate. 

Additional Details: 

  • Benefits: We provide a wide variety of health, wellness and other benefits.These include medical, dental, vision, life insurance and supplemental income plans for you and your dependents, a Headspace app subscription, monthly wellness allowance and a 401(k) Plan with a company match.
  • Work from Home Equipment: Given our virtual environment— in order to set you up for success at home, a one-time payment of $2K will be provided to cover the purchase of in-home office equipment and furniture at your discretion. Also, our teams work with MacBook Pros, which we will deliver to you fully provisioned prior to your first day.
  • Paid Time Off: All employees accrue four weeks of PTO in their first year of employment.  New parents receive twelve weeks of fully paid parental leave which may be taken within one year after the birth and/or adoption of a child. The twelve weeks is applicable to both birthing and non-birthing parent.
  • Personal and Professional Development: We’re committed to investing in and helping our people grow personally and professionally.  All employees receive up to $5000 each year for professional learning, continuing education and career development.  All team members also receive Udemy subscriptions and access to multiple different coaching opportunities through BetterUp.
  • Location: We are a remote-first company for most positions so you may work from anywhere you like in the U.S, excluding U.S. territories.  Occasional travel may be required for team meetings or company gatherings.  Employees based in the San Francisco Bay Area or in Providence, Rhode Island may commute to one of our local offices as desired.  
  • Hours: We maintain core meeting hours from 9AM – 3PM Pacific time for collaborating with team members across all time zones. 

BlueOwl, LLC is an equal opportunity workplace. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status.  Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

If you are a San Francisco resident, please read the City and County of San Francisco’s Fair Chance Ordinance notice.  https://sfgov.org/olse/sites/default/files/FCO poster2020.pdf

This role is employed by BlueOwl, LLC.  BlueOwl, LLC is a separate company in the State Farm family of companies and is the solutions provider for the HiRoad Assurance Company.

To apply for this job please visit remotive.com.