ABOUT BESTOW
Bestow is the leading digital platform for life insurance. As both a direct-to-consumer destination and an infrastructure provider, Bestow is on a mission to make life insurance accessible to millions of underserved families.
We strive for work-life balance and believe happy employees make for better experiences and happier customers. It’s a model that helped us land on Forbes’ Best Startup Employers 2021 and 2022 lists!
ABOUT THE TEAM
You will support our company-wide Security Program and will be responsible for developing and running the Security Governance Program to protect our customers and company data.
You are a subject matter expert in Cyber Security Frameworks, have experience in control testing, have participated and contributed to numerous audits throughout your career, and have experience navigating the regulatory security control requirements - both Federal and State levels.
You are a highly experienced governance, risk, and compliance expert with a focus on Cyber Security. You are skilled at building a strong partnership with business leaders and co-workers to help process owners be successful during audits. You have a passion for educating individuals on the importance and business impact of conducting audits and have a knack for creating buy-in.
Open to Austin, TX, Dallas, TX, Remote (US) #LI-Remote
THIS ROLE REPORTS TO
Chief Security Officer
THE ROLE
Design and implement effective and efficient information security control processes that support and drive compliance to Bestow Information Security Policies, Standards, and applicable regulatory requirements. Act as Project Manager for the CSO's office, taking the lead on initiatives and implementations, guiding projects to completion on time and on budget.Lead and collaborate with IT, Legal, Finance, Insurance Operations, External Examiners, and business areas appropriate during audit exams. Collaborate with internal stakeholders, gather information, create reports, and analyze the state of security and controls against best practices. Act as project lead for Security related initiatives partnering with Business leaders to ensure buy-in for corporate-wide Security improvements. Partner with Legal, IT, and the CSO to work with external auditors during gap assessments and audit engagements.Partner with IT to collect required artifacts for audit.Establish and lead a Business Continuity steering committee to ensure continuity objectives are completed annually, and documentation is completed with the most thorough and accurate information.Partner with third parties to conduct assessments and exercises that benefit the maturity of Business Continuity, Disaster Recovery, and Incident Response initiatives. Conduct periodic training for employees to include tabletop exercises that improve Business Continuity, Disaster Recovery, and Incident Response. Act as a lead during incidents to ensure the policy is followed and all necessary artifacts are retained. Coordinate with law enforcement and third-party digital forensics as appropriate.Produce metrics that demonstrate and measure the current efficacy of the Business Continuity Program, including Disaster Recovery and Incident Response.
YOUR EXPERIENCE
10 years of Information Security Experience.Industry Information Security certifications (ie. CISSP, CISM, Security+).A self-starter, comfortable working with cloud infrastructure, software development, and information security risk issues.Prior experience working with external auditors and auditing firms to review internal controls and collect accurate evidence for assessments.Familiar with Risk Management frameworks and common industry methodologies for addressing risk.In-depth knowledge of Industry Standard Security controls, tools, and processes and experience implementing Controls to meet audit requirements.Knowledge of information technology and/or Business Continuity and Incident Response frameworks and common practices.Ability to develop security policies, standards, and guidelines based on best practices and industry frameworks.Excellent interpersonal, communication, and presentation skills, including formal report writing experience.Information security governance, risk, and/or compliance experience in Life Insurance & Financial Services or federal/state/local government including documenting risk and compliance activities.
TOTAL REWARDS
Competitive salary and equity based on role
Annual bonus based on company and individual performance
Flexible PTO plan
100% paid premiums for medical, dental, and vision insurance
Paid parental leave
Annual lifestyle spending account to support your physical, emotional, and financial wellbeing
Flexible work-from-home policy and open to remote
Learning & Development opportunities
We value diversity at Bestow. We hire, recruit, and promote without regard to race, color, religion, sex, sexual orientation, gender identity or expression, national origin, pregnancy or maternity, veteran status, or any other status protected by applicable law. We understand the importance of creating a safe and comfortable work environment and encourage individualism and authenticity in every member of our team.
