Director of Security
The world has changed. Why hasn’t insurance?
Kin’s mission is to reimagine home insurance For Every New Normal. While other insurers struggle to handle a fast-changing world, Kin is built for the future and is prepared to meet its challenges head on while helping our customers do the same.
Kin is proud to be one of BuiltIn Chicago’s 2021 and 2022 Best Mid Sized Companies to work for, and Forbes 2021 Best Startup Employers in North America. Simply put, our people are what make us great, and we need forward-thinking, inspired game-changers like you to join us in our mission.
So, what’s the role?
We welcome people from all backgrounds who are driven by a passion for keeping data and technology secure. As the Director of Security at Kin, you will be leading the security function and driving security efforts at Kin. This role has a dual reporting line to the VP of Cloud Operations and the Chief Legal Officer at Kin. This is a highly visible and instrumental role in which you will be responsible for developing, implementing, and monitoring security strategy and risk. We’ll rely on you as a leader to provide the vision and leadership necessary to drive security program development and maturation through people management, compliance, and strategy work. You will be successful if you take a practical and data-driven approach and create solutions that drive higher rates of effective compliance, rather than policies on paper. The security organization is a small but heavily experienced team, so you will be most successful as a player-coach.
A day in the life could include:
- Drive the security steering committee and gather business feedback on major security decisions. Provide stewardship and champion the function to the executive leadership and company.
- Collaborate with the Product, Legal and other teams to develop and maintain Kin’s security strategy, prioritize work, and assist in developing roadmaps and OKRs.
- Provide direction for Kin’s application, data & network protection, and oversee security policy, plan, and standard development and enforcement.
- Define and drive metrics. Drive a results-oriented culture and mindset.
- Coordinate internal and external audits across departments and ensure Kin is maintaining compliance with federal, state, and internal security compliance requirements.
- Evaluate new and ongoing security threats and make strategic decisions to mitigate threats to Kin.
- Respond to an active breach, evaluate potential security breaches, and coordinate the incident response team through the incident response process. Provide incident remediation recommendations and lead the breach notification process.
- Supervise the security team to ensure OKRs are met, projects are completed by their deadline, and roadblocks are managed.
- Prioritize work requests that come in from other departments.
- Maintain current knowledge of industry and regulatory trends and advancements in technology.
- Manage security risk across Kin, including performing risk assessments and working with stakeholders to address the risks.
- Oversee the development, effectiveness, and testing of disaster recovery plans to ensure critical business operations are recovered within their defined RTO. Lead disaster recovery operations in the event the disaster recovery plan is activated.
- Oversee and approve major system changes that require review from the security team.
I’ve got the skills… but do I have the necessary ones?
- 10+ years work experience in information security or related field
- 4+ years managing teams and people
- 3+ years’ experience leading an information security program.
- Bachelor’s degree in Information Technology, Computer Science, or related field, AND/OR certificates of Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), OR equivalent combination of education and experience.
- Knowledge of applicable governmental & industry rules and regulations such as the following: NIST CSF, PCI, and SOX.
- Expertise in cybersecurity best practices and implementation of cybersecurity frameworks such as the following: SOC 2 Type II.
- Demonstrated ability to effectively build and manage teams, including coordination of ongoing professional development to enhance existing and build new skills.
- Advanced analytical and problem-solving capabilities.
- Knowledge and expertise in security architecture, cloud solutions, frameworks, and cyber technology.
- 3+ years of experience performing security and/or infrastructure solution architecture. AWS certifications are a plus.
- 3+ years of experience overseeing security improvements in Cloud Service Provider (CSP) Commercial environments. Government CSP environment experience is a plus.
- Experience with migrating on-premises infrastructure and processes to the cloud.
In addition to being a cloud/SaaS security expert, we want you to be a great leader.
- We want you to paint a compelling picture for the organization and protect the organization from undue risks.
- Lead the team with passion, vision and empathy.
- Strong communication, collaboration, and management skills. We cannot emphasize enough how important this is!
Oh, and don’t worry, we’ve got you covered!
- Medical, Dental, Vision, Disability and Life Insurance
- Flexible PTO policy
- Remote work
- Generous equity package
- 401K with company match
- Parental leave
- Continuing education and professional development
- The excitement of joining a high-growth Insurtech company and seeing your work make an impact
In an industry that hasn't budged in more than 100 years, our technology transforms the user experience, cuts inefficiencies that waste billions of consumer dollars, and customizes coverage homeowners want. We believe insurance was always meant to be a digital product – we’re making that a reality.
Our approach to the industry makes us unique, and the people at Kin help us excel. We’re a team of problem solvers, collaborators, builders, and dreamers who are passionate about creating positive change in the lives of our customers and in our industry. Kin is more than just our name – it’s how we treat each other. That’s one of the many reasons we’ve been recognized as a great place to work by Built In, Forbes, and Fast Company.
Kin is proud to be an Equal Employment Opportunity and Affirmative Action Employer. We don't just accept difference – we honor it, nurture it, and celebrate it. We don’t discriminate based on race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.
Kin encourages applications from all backgrounds, communities and industries, and is committed to having a team that is made up of diverse skills, experiences and abilities.