Head of Security
Remote, United States
Applications have closed
Corvus
Corvus empowers brokers to predict and prevent complex cyber risks. We offer Smart Cyber Insurance® policies paired with data-driven risk prevention tools.We’re united by a mission: to make the world a safer place. Corvus Insurance uses novel data and artificial intelligence/machine learning to achieve better insights into commercial insurance risk. Our software empowers brokers and policyholders to better predict and prevent complex claims through data-driven tools and Smart Commercial Insurance® policies. This allows us to reduce or eliminate the impact of adverse events, creating a safer world for everyone. Drawing inspiration from the intelligent, tool-building corvid family of birds, we are a team of high-flying collaborative builders. We’re excited to meet you. Spread your wings, and soar with us.
Corvus is seeking a Head of Security to help expand and manage Corvus’ security program. The Head of of Security, working in collaboration with the Chief Information Security Officer (CISO), will be responsible for expanding and maintaining Corvus’ cyber defenses to protect Corvus’s information and systems from cyber threats. This role will manage security engineering and operations for Corvus’ infrastructure with a focus on cloud, product, and endpoint security. This position will work collaboratively with key DevOps, Engineering, Information Technology, and Business stakeholders.
Responsibilities:
Specific duties will include but are not limited to:
- Secure and protect Corvus’ data and systems.
- Collaborate with the CISO to develop and manage Corvus’ security strategy.
- Develop and manage annual security Objectives and Key Results.
- End-to-end ownership of cybersecurity initiatives.
- Manage security operations for a cloud native environment.
- Respond to security incidents when necessary.
- Work closely with DevOps to advise, implement, and manage cloud security standards and controls to protect Corvus’ cloud environment.
- Work closely with Product Engineering to advise, implement, and manage Secure Development Life Cycle (SDLC) practices.
- Work closely with IT to advise, implement, and manage endpoint and SaaS application security.
- Work closely with the GRC Head of to conduct audits and assessments to ensure compliance with security policies, standards, and procedures.
- Collaborate with and manage third party vendors to support Corvus’ security program.
What you'll bring to the flock:
- 10+ years of professional experience in cyber security.
- 5+ years building or managing a security program.
- 5+ years of hands-on experience securing cloud and SaaS platforms.
- Experience with AWS and Google Workspace preferred.
- Experience with modern development practices and product security.
- Experience designing security into git-based CI/CD workflows.
- Familiarity with automation tools such like Terraform or GitHub Actions
- Experience with “Shift-Left” policy-as-code driven frameworks to deliver effective security controls.
- Strong communication and relationship skills.
- Ability to communicate security and risk implications to technical and non-technical audiences.
- Strong project management skills.
- Ability to manage long term projects and effectively communicate status
- Ability to work cross functionally to accomplish business objectives
- Mindset of enabling the business to accomplish their objectives while reducing risk.
- Agility in dealing with a changing business environment and areas of ambiguity.
Our Commitment
Corvus provides a seriously safe nest for people who come from all paths. Our flock represents a variety of backgrounds, perspectives, and skills. Although confidence can sometimes hold us back from applying for a job, we believe there's no such thing as a 'perfect' candidate. Corvus is a place where everyone can soar. So, however you identify and whatever background you bring, please apply if this is a role that would make you excited to come into work every day.
We believe in paying equitably for performance. Actual salaries will vary and may be above or below the range based on various factors including but not limited to experience, skills, internal equity, market data, and geography. Please note that the salary range that follows is a good faith estimate for this position only. The base salary range for this position is: $195,000.00 - $202,000.00, subject to final approval. This position may be eligible for performance-based incentives.
In addition to salary, you’ll also enjoy our world class benefits such as: stock/equity options, unlimited PTO (a minimum of 3 weeks/yr is encouraged), hybrid working, sabbatical, 401(k) match, professional development, wellness reimbursement, and excellent health, dental & vision coverage. There are many rewards of being a Corvid and we are happy to discuss those further with you.
Corvus is committed to providing reasonable accommodations for individuals with disabilities. If you need assistance or an accommodation with our hiring process due to a disability, contact us at careers@corvusinsurance.com.
Disclaimer: Bird puns are highly encouraged!
Tags: Application security Artificial Intelligence Audits Automation AWS CI/CD CISO Cloud Compliance DevOps Endpoint security GitHub Machine Learning Product security SaaS SDLC Security strategy SOAR Strategy Terraform
Perks/benefits: 401(k) matching Career development Equity Health care Insurance Team events Unlimited paid time off Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs