Overview:
As a Senior Security Lead at Origami, you will be responsible for ensuring the security and integrity of our cloud environments, including infrastructure, applications, and data, as well as security for the organization as applicable. You will play a critical role in defining and recommending security measures to protect against cyber threats and safeguard sensitive information stored in our cloud environments and collaborating and promoting security across departments.
Responsibilities:
- Collaborates with the CISO to define and execute a comprehensive cyber security strategy for Origami Risk, aligned with the organization's security objectives and IT strategies.
- Identifies security goals, priorities, and initiatives based on industry best practices, business requirements, and risk assessments.
- Collaborates with GRC to drive operational excellence by monitoring and measuring the effectiveness of security controls, conducting regular assurance and assessments, and implementing continuous improvement initiatives.
- Fosters effective communication and collaboration channels to promote information sharing and consistent security practices across Origami Risk.
- Creates guidelines and standards for the secure use of cloud technologies.
- Evaluates new tool/vendor security posture and proof of concept use cases/integrations.
- Ensures compliance with relevant regulations, standards, and certifications pertaining to physical and information security, such as ISO 27001, SOCII and industry-specific guidelines. Conducts audits and assessments to verify compliance and address any non-compliance issues proactively.
- Continuously assesses and improves security processes, procedures, and systems to address emerging threats and vulnerabilities and enhances the overall security posture of our SaaS cloud environments.
- Improves, drives, and communicates change, supporting a security methodology within the organization.
- Participates in the planning and implementation of all processes related to continuous integration, continuous delivery.
- Manages the deployment and implementation of information security tools, including SIEM, system monitors, access control, and other specific cloud security controls.
- Other duties as assigned.
Qualifications:
- Bachelor’s Degree required.
- 7+ years of Information Technology experience, with demonstrated, hands-on experience across multiple domains, e.g., Application CICD, Cloud Infrastructure, Endpoint Management/Defense, Information Security products.
- 2+ years of direct Cloud IaaS/PaaS experience, AWS preferred.
- Motivated self-starter capable of working independently while also collaborating with other team members.
- Experience securing public cloud environments such as Amazon AWS, GCP or Microsoft Azure.
- Knowledge of cloud delivery, cloud services, leading security practices, and deployment models for Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) offerings.
- Knowledge of good industry practice in tiered security architecture design.
- Ability to create reference architecture diagrams, security standards, and other documentation.
- (Preferred) Experience with Cloud Security Alliance (CSA), FISMA & FedRAMP compliance, ISO 27001/2 and NIST 800-53 security controls.
- (Preferred) Experience with SSAE 16/18 SOC audits.
- (Preferred) Relevant security certifications (i.e., CompTIA Security+, CISSP, CISA).
- (Preferred) Working knowledge of security frameworks, development, test, and deployment models.
Who We Are:
Origami Risk provides integrated SaaS solutions to organizations across the risk and insurance ecosystem — from insured corporate and public entities to brokers and risk consultants, insurers, third party claims administrators (TPAs), and risk pools. We deliver our risk management and insurance core system solutions from a cloud-based platform that is highly configurable, completely scalable, and accessible via web browser and mobile app.
Dais Technology, a subsidiary of Origami Risk, provides a no-code platform that revolutionizes insurance product creation for MGAs, insurers, and reinsurers. Dais’ event-based architecture enables AI-driven bundling, automation, and real-time deployment.
Solutions from Origami Risk and Dais Technology are backed by a best-in-class service team of experienced risk and insurance professionals who possess a balance of industry knowledge and technological expertise. A singular focus on helping clients achieve their business objectives underlies our approach to developing, implementing, and supporting our risk management, safety, compliance, and insurance core system technology solutions.
Origami Risk is proud to be an equal opportunity employer. We thrive and benefit from diversity and are committed to creating an inclusive and equitable environment for all employees. We do not discriminate against any individual based upon race, religion, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, color, sex, national origin, age, marital status, military or veteran status, disability, or any other characteristic protected by applicable law.
#J-18808-Ljbffr