Director, IT Information Security
Company: AAA Life Insurance Company
Location: Boston
Posted on: June 2, 2025
Job Description:
Overview
We are seeking a Director of IT Security to lead and
mature our enterprise security program, strengthen our cyber
defense posture, and ensure risk-aligned, business-driven
protection across a rapidly evolving technology landscape. You'll
drive security strategy, lead cloud and infrastructure security
initiatives, and embed resilience into every layer of our
operations. This role is ideal for a strategic thinker who thrives
on solving complex challenges, building high-performing teams, and
fostering a security-first culture. You'll collaborate across the
organization to align security efforts with business goals, manage
regulatory compliance, and protect critical systems and data in an
environment where trust, speed, and innovation are
essential.
Responsibilities
- Build, lead, and develop a high-performing team responsible for
cybersecurity operations, information security, and IT internal
controls, fostering a culture of accountability, risk awareness,
and continuous improvement.
- Design, implement, and continuously evolve a strategic
cybersecurity program that establishes the organization's vision,
direction, and roadmap, ensuring alignment with business
objectives, regulatory requirements, and contractual obligations.
- Develop, maintain, and enforce security policies, technical
standards, and operating procedures to consistently protect
information assets and meet compliance expectations.
- Lead cross-functional teams to design and implement
enterprise-wide technical security controls across systems,
networks, and cloud environments.
- Manage and enhance the company's security awareness and
training initiatives to strengthen organizational security culture
and reduce human-related risks.
- Monitor cybersecurity performance and IT control effectiveness
using defined metrics, and provide regular insights to IT and
executive leadership.
- Act as the primary point of contact for Internal Audit,
coordinating cybersecurity, IT controls, and risk management audits
from planning through response and remediation.
- Ensure comprehensive integration of cybersecurity principles
into business strategies, disaster recovery, business continuity,
access management, incident response, and enterprise risk
management activities.
- Lead security incident response efforts, including containment,
investigation, root cause analysis, corrective actions, and lessons
learned to prevent future breaches.
- Oversee the creation, maintenance, and submission of required
security compliance documentation to satisfy regulatory,
contractual, and audit requirements.
Qualifications
- Bachelor's degree in Cybersecurity, Information Technology,
Computer Science, or a related field required; Master's degree
preferred.
- Industry-recognized certifications required (e.g., CISSP,
CISM, CRISC, CISA).
- 12-15+ years of progressive experience in IT,
with at least 7 years focused on cybersecurity leadership,
governance, and risk management.
- Proven experience building and
leading security teams, with responsibility for security
operations, incident response, identity and access management, and
regulatory compliance.
- Deep expertise across multiple domains such
as enterprise security architecture, cloud security, vulnerability
management, IT controls, and threat intelligence.
- Demonstrated
success in aligning cybersecurity strategy with business objectives
and managing risk across complex, hybrid IT environments.
- Strong
background in audit coordination, security assessments, and
regulatory frameworks, preferably NIST CSF, PCI DSS, HIPAA, and ISO
27001.
- Experience leading the development of security-related RFPs,
vendor evaluations, and contract negotiations.
What We Offer:
- A collaborative, energetic work environment where you can put
your passion for people to work
- Medical, Dental, Vision, Life and Disability coverage available
day one
- Pension Plan
- Performance-based incentive plan
- 401k available with a Company match
- Holidays and Paid Time Off
- AAA Basic Membership