Jobs · Information Technology · New York

Business Information Security Officer

Tokio Marine HCC · Buffalo-Niagara Falls Area · 1 wk ago
Information Technology$157k–$346k/yrFull-time

About the role

The Business Information Security Officer, North America P&C serves as the senior security leader and strategic partner to the North America P&C business and technology organizations. Reporting to the Chief Business Technology Officer, North America P&C, this role works across business units to improve transparency, accelerate security outcomes, and strengthen the organization’s ability to operate securely and resiliently.

Responsibilities

  • Partner with enterprise security teams to shape and influence security policies, standards, implementation approaches, and business-aligned security priorities.

  • Manage segment security posture in alignment with the security ambassador scorecard and supplement enterprise scorecard reporting with segment-level controls.

  • Ensure strong understanding of enterprise security requirements and identify gaps, inconsistencies, and implementation challenges across business units.

  • Translate enterprise security objectives into practical, actionable plans for North America P&C.

  • Provide leadership visibility into security posture, risks, remediation progress, and operational challenges.

  • Facilitate alignment between enterprise security, business leadership, and technology teams to improve consistency, execution, and accountability.

  • Develop a deep understanding of the technology landscape across federated business units, including applications, infrastructure, platforms, integrations, and operational processes.

  • Partner with business and technology leaders to define security roadmaps aligned to business priorities and operational realities.

  • Drive adoption of secure-by-design principles and proactive security practices across new initiatives, technology changes, and transformation efforts.

  • Promote early security engagement during planning, architecture, engineering, and delivery phases.

  • Help business units prioritize and accelerate remediation of critical vulnerabilities and control gaps.

  • Collaborate with architecture teams to recommend security-focused architectural improvements and strategic technology direction.

  • Identify systemic blockers impacting security outcomes and recommend practical solutions to improve execution velocity.

  • Partner with the PMO and leadership teams to influence funding, prioritization, and sequencing decisions related to security initiatives.

  • Advocate for investments that improve resilience, reduce operational risk, and strengthen long-term security maturity.

  • Support enterprise and business-led transformation initiatives to ensure security considerations are embedded appropriately.

  • Design and implement a remediation-focused Center of Excellence supporting the broad technology landscape of North America P&C.

  • Build scalable processes, standards, and engineering practices that improve remediation consistency and effectiveness.

  • Provide advisory and hands-on support to business units on architecture, engineering, vulnerability remediation, and secure implementation practices.

  • Establish repeatable approaches to accelerate remediation timelines and improve risk reduction outcomes.

  • Drive collaboration between infrastructure, engineering, application, cloud, and security teams to improve execution and accountability.

  • Develop meaningful metrics, reporting, and dashboards that provide transparency into security posture, remediation progress, operational risks, and business impact.

  • Monitor emerging risks, technology changes, and operational trends that may impact the organization’s security posture.

  • Promote measurable outcomes and data-driven decision-making across security and technology initiatives.

  • Support cyber resilience, recovery preparedness, and operational continuity initiatives across the organization.

Qualifications

  • You have 10+ years of experience in information security, cybersecurity, technology risk, or enterprise technology leadership roles.

  • You have experience working within complex, federated, or multi-business-unit organizations.

  • You have demonstrated success partnering with senior technology and business leaders to drive security transformation, operational improvements, and risk reduction.

  • You bring strong knowledge of enterprise security frameworks, vulnerability management, remediation practices, security architecture, and operational risk management.

  • You are comfortable influencing enterprise governance, technology prioritization, and strategic investment decisions.

  • You have familiarity with cloud technologies, infrastructure security, application security, identity and access management, and cyber resilience practices.

Preferred Experience

  • Experience within insurance, financial services, or another highly regulated industry.

  • Experience leading or building security engineering, remediation, or security operations functions.

  • Experience working with PMO, enterprise architecture, and governance organizations.

  • Familiarity with secure-by-design practices and modern software development and cloud engineering methodologies.

  • Experience presenting to executive leadership and driving cross-functional alignment.

What You Bring

  • You have a Bachelor’s degree in Information Security, Computer Science, Information Technology, Engineering, or a related field.

  • You have relevant certifications such as CISSP, CISM, CRISC, SABSA, or equivalent industry certifications.

  • You are a strategic thinker with strong operational execution capability.

  • You are a collaborative leader capable of influencing across business and technology functions.

  • You are a strong communicator with excellent stakeholder management skills.

  • You are pragmatic and solutions-oriented, with the ability to balance security, operational, and business objectives.

  • You have a data-driven mindset with the ability to translate complex risks into actionable priorities.

  • You are comfortable operating in fast-moving environments with competing priorities and organizational complexity.

Similar jobs

Information Security Specialist

Resource Management Concepts, Inc.Port Hueneme, CA· 2 wk ago
Information Technology$104k–$146k/yrapply on apply.workable.com

Information Security Specialist

Tactica Solutions, LLCMiami, FL· 2 mo ago
Information Technology$100k–$120k/yrapply on careers-tactica-solutions.icims.com