Information Security Lead

Location: Fully Remote

At Fairmatic we’re on a mission to make roads safer, one fleet at a time. We think about insurance, risk and underwriting in an unconventional way. Auto insurance has always been unfair: safe and unsafe drivers that look alike pay the same. Because of this, safe drivers end up subsidizing risky ones. It doesn’t make sense. We’re using data and AI to introduce a personalized option that incentivizes safe driving with savings. Our predictive risk models have been trained with nearly 200 billion miles of driving data and tested with hundreds of thousands of paying drivers with industry-leading underwriting results. And we’re just getting started.

Our leadership team includes serial entrepreneurs, insurance industry savants and start-up veterans. We’ve raised $42M from leading VCs as well as insurtech, fintech and technology industry angel investors.

At Fairmatic we do our best work while living our best lives, regardless of where we are. We have thriving teams across the globe and we are constantly looking for talented folks to welcome into the family. We are a curious, adaptable and diverse bunch of technologists and problem solvers who are obsessed with creating a positive impact in the world. In our work together, we strive for close collaboration, humbleness and constant learning.

We are looking for a motivated and talented Information Security Lead to own and spearhead Information security initiatives for the digital privacy and security of our end users, SaaS and Insurance Products. In this role, you will work across teams with insurance and engineering backgrounds to introduce and implement ISMS policies, meet compliance requirements and develop secure engineering practices. You will take part in the product development process to devise and implement strategies (platform, processes, tools, etc) for application and data security.

#LI-Remote

Requirements

A day in the life:

• Lead company-wide information security initiatives to meet privacy, compliance and regulatory requirements, for e.g. CCPA, SOC-II
• Own Product security and ensure data security & privacy aspects are continuously monitored through reviews of product & enggineering designs.
• Implement the procedures and policies as documented in the company ISMS (Information Security Management System). Perform regular audits, and work with HR / IT etc to ensure security practices are compliant as stipulated in ISMS - evolve and improve the ISMS as appropriate.
• Develop and implement tools to assist in the vulnerability management, detection, prevention, and analysis of security threats - and monitor the same

• Exemplify and foster Fairmatic’s humble, collaborative and impact-obsessed culture

What you will need:

• 5+ years of hands-on experience in DevSecOps, Security Analysis and Threat intelligence
• Should have led the stratergy and implementation of a known data security standard such as ISO 27001, SOC-II, CCPA, GDPR, etc - along with hands-on experience with maintenance of the same
• Ability to guide and influence product and engineering design as part of the Product Development Life Cycle, so that they adhere to security policies, and best practices
• A good foundational understanding of modern Web application design and network architectures. For e.g. HTTP APIs and related protocols, Cloud Infrastructure, and Mobile (Android / iOS) platforms
• Developer background is a plus, working with a modern programming language - we use Python - familiar with developer best practices, and standards such as OWASP, etc
• Excellent verbal/written communication skills
• Self-driven and able to work independently
• Comfortable working in a highly agile, intensely iterative software development process

Benefits

• Employee Health Insurance Program
• Unlimited Holiday
• Mobile and Broad Band Allowance
• Entertainment Allowance
• Wellbeing allowance
• Pension Contibution
• Private Medical Care