Discover Your Dream Job

Grow your career and join a game-changing startup
35
companies
246
Jobs

Head of Security Opertions

Next Insurance

Next Insurance

IT
Kefar Sava, Israel
Posted on Monday, March 25, 2024

Location: Kfar Saba, Israel (hybrid)

NEXT’s mission is to help entrepreneurs thrive. We’re doing that by building the only technology-led, full-stack provider of small business insurance in the industry, taking on the entire value chain and transforming the customer experience.

Simply put, wherever you find small businesses, you’ll find NEXT.

Since 2016, we’ve helped hundreds of thousands of small business customers across the United States get fast, customized and affordable coverage. We’re backed by industry leaders in insurance and tech, and we still have room to grow — that’s where you come in.

We are looking for a Head of security operations and Incident response who will be a key member of the security group at Next Insurance. You will be instrumental in ensuring the security of our cloud and product infrastructure and protecting our customers' data per our security requirements.

You will play a significant role in maturing the company's cloud infrastructure, security data lake architecture and capabilities, and technology frameworks.

You will work with our DevOps, product engineers, DataOps, and IT teams to provide a highly secure environment supporting our products and services.

Being a cloud-first company, automation, detection, and response are key - you will lead the design and development of secure automation practices in an agile environment to support security and compliance of the cloud infrastructure at scale for both production and corporate security infrastructure.

What we need:

  • You have start-up DNA: You have demonstrated an ability to thrive in a dynamic start-up environment or have the DNA to do so.
  • 8+ or more years of security leadership and management experience
  • Experience designing and deploying security controls across all domains, such as access management, data protection, vulnerability management, incident response and management, application security, network security, preventive, detective, and offensive security solutions.
  • Experience securing cloud and SaaS-based infrastructures.
  • Experience leading highly complex, org-wide security change programs
  • Outstanding interpersonal and communication skills; ability to influence both internally and externally and to drive multi-functional alignment and action
  • Experience integrating security in the CI/CD pipeline using configuration management and automation tools.
  • Good understanding of information security architecture, mitigation of threats, and compensating controls.

What you'll do:

You will provide engineering and operational support for leading security tools and deploy and run services that entirely use public cloud services.

You will provide engineering support in the following areas:

  • Lead and manage the security operations team responsible for ensuring the security of our products, platforms, and cloud infrastructure.
  • Develop and execute a comprehensive security strategy that aligns with our core strategic objectives.
  • Work closely with product development teams to embed security best practices and considerations across the entire development lifecycle, ensuring that new features meet the highest trust standards
  • Lead the enhancement of our incident detection & response procedures and protocols, ensuring a proactive and effective response to security incidents.
  • Oversee the evolution of our SOC, implementing cutting-edge technologies and refining processes to ensure the highest level of security monitoring and incident detection.
  • Establish and lead a threat intelligence program, providing valuable insights into the evolving threat landscape and enabling proactive security measures.
  • You’ll work with the broader product security organization to help improve the overall cyber resilience of the NEXT products and services.
  • You will support security verticals (product, workforce, operations, and compliance), executing the security roadmap based on Next Insurance‘s priorities and initiatives.
  • Work with business owners and support developing and deploying solutions aligned with the business priorities.
  • You will provide security infrastructure deployment, service maintenance, change control, support, and system resiliency.
  • Achieve a deep knowledge of our product architecture and real-world usage patterns to gain better business insight into what solutions will deliver the best value for the team.

Don’t meet every single requirement? Studies have shown that some underrepresented people are less likely to apply to jobs unless they meet every single qualification. At NEXT, we are dedicated to building a diverse, inclusive and respectful workplace, so if you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles.

One of our core values is 'Play as a Team'; this means making sure everyone has an equal chance to participate and make a difference. We win by playing together. Next Insurance is an equal opportunity employer and prioritizes building a diverse and inclusive workplace. We provide equal employment opportunities to all employees and applicants of any type and do not discriminate based on race, color, religion, national origin, gender, age, sexual orientation, physical or mental disability, genetic information or characteristic, gender identity and expression, veteran status, or other non-job-related characteristics or other prohibited grounds specified in applicable federal, state, and local laws. Next's policy is to comply with all applicable laws related to nondiscrimination and equal opportunity and will not tolerate discrimination or harassment based on any of these characteristics. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.