Note: The job is a remote job and is open to candidates in USA. CIGA is dedicated to helping keep the insurance promise through being an empathetic and trusted payer of claims. The Information Security Engineer will develop, implement, and maintain the organization’s information security program while managing cybersecurity risks and regulatory obligations.
Responsibilities
- In partnership with IT Leadership, develop and execute the enterprise information security strategy aligned with organizational goals
- Manage Security Roadmap, working with technical staff to deliver progress
- Establish and maintain security policies, standards, and procedures
- Lead security risk management efforts, including risk assessments and mitigation planning
- Ensure compliance with industry best practices and regulatory/audit requirements
- Lead cybersecurity incident response planning and execution
- Coordinate communication and escalation during security incidents, including executive updates
- Partner with IT and business teams to strengthen disaster recovery and business continuity capabilities
- Although very rare, this position may require response off-hours
- Conduct regular risk assessments and security reviews of systems and vendors
- Participate in CIGA’s Third-Party Risk Management framework
- Support internal and external audits and lead audit response efforts
- Maintain comprehensive documentation and report on security posture
- Partner with IT leadership to integrate security into all technology initiatives
- Provide guidance to business stakeholders on security best practices
- Lead, mentor, and develop security team members (if applicable)
- Serve as a trusted advisor to executive leadership on cybersecurity risks
- Prepare and/or present board-level cybersecurity reporting
- Develop and deliver organization-wide security awareness programs
- Promote secure behaviors and practices across staff
- Other duties, as assigned
Skills
- 5+ years of experience in cybersecurity
- 2+ years in a leadership or supervisory role
- Relevant security certifications (e.g., CISSP, CISM, CISA)
- Strong knowledge of security frameworks (NIST, ISO 27001, CIS) and programs
- Experience with cloud security, identity management, and network security tools
- Experience with relevant internal and external audits, including managing remediation
- Solid familiarity with incident response and threat management processes
- Strong leadership and communication skills
- Ability to translate technical risk into business impact
- Strong analytical and problem-solving abilities
- Ability to manage multiple projects simultaneously and deliver according to deadlines
- Ability to work both independently with minimal supervision, and as a member of the team, and to be flexible and responsive to various tasks assigned
- Experience working with cross-functional teams and executive stakeholders
- A four-year degree in Cybersecurity, Information Technology, or related field strongly preferred
Benefits
- Flexible Remote and Hybrid work options
- Comprehensive medical, dental, and vision insurance for you and your family
- Employer-provided life and disability insurance
- A Generous Paid Time Off Program
- Best-In-Class 401(k) plan with Company Match
- Company-paid Training and Certification programs
- Mentorship and Coaching opportunities within the Guaranty Association community
- 401(k)
- 401(k) matching
- Dental insurance
- Employee assistance program
- Flexible schedule
- Flexible spending account
- Health insurance
- Health savings account
- Life insurance
- Paid time off
- Parental leave
- Retirement plan
- Tuition reimbursement
- Vision insurance
- Remote Work
Company Overview