Director Information Security

Description: Aspire General Insurance Company and its affiliated general agent, Aspire General Insurance Services, are on a mission to deliver affordable specialty auto coverage to drivers without compromising outstanding service. Our company values can best be described with ABLE: to always do the right thing, be yourself, learn and evolve, and execute. Join our team where every individual takes pride in driving their role for shared success. JOB SUMMARY: Aspire General Insurance, a leader in non-standard auto insurance, is seeking a hands-on and strategic Director of Information Security to develop, implement, and maintain the company's information security program. This role is responsible for protecting sensitive customer data, ensuring compliance with regulatory standards, and strengthening our overall cyber risk posture in a cloud-native, AI-enabled environment. Key Responsibilities: • Develop and lead the enterprise-wide information security strategy, including governance, risk management, threat detection, and incident response. • Manage and mature security operations, vulnerability management, and access controls. • Own compliance with regulatory frameworks (e.g., NAIC Model Law, GLBA, PCI-DSS, SOC 2) relevant to the insurance industry. • Collaborate with IT, legal, and claims teams to embed security into infrastructure, applications, and third-party vendor relationships. • Oversee risk assessments, penetration testing, and security audits; prioritize and remediate findings. • Lead response to security incidents, including detection, containment, communication, and recovery. • Evaluate and implement modern security technologies, particularly in cloud environments (e.g., Azure security tools). • Educate employees on security awareness and develop policies for secure use of systems and data. • Supervise and grow a small but high-performing InfoSec team and contractors. Requirements: Qualifications: • 8+ years in information security roles, with at least 3 years in a leadership capacity. • Deep knowledge of cybersecurity principles, risk frameworks, and regulatory requirements. • Experience with cloud security (AWS or Azure), identity and access management (IAM), SIEM tools, endpoint protection, and zero trust architectures. • Track record of managing security programs in regulated industries such as financial services or insurance. • Familiarity with third-party risk management and secure SDLC practices. • Excellent communication and incident-handling skills. • Knowledge of SOC 2, ISO 27001, and/or NIST frameworks. • Bachelor's degree in Information Security, Computer Science, or related field (CISSP, CISM, or similar certification strongly preferred). Preferred Experience: • Experience working with or securing AI/ML platforms and data pipelines. • Experience with security considerations in insurance claims and policy systems (e.g., PII, policy documents). Benefits: Medical, Dental, Vision, HSA*, PTO, 401k, Company Observed Holidays Individuals seeking employment at Aspire General Insurance Services LLC are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation in accordance with federal and state Equal Employment Opportunity/Affirmative Action record keeping, reporting, and other legal requirements. • Dependent on plan selected Apply tot his job