VP, Chief Information Security Officer

VP, Chief Information Security Officer | 100% Remote (WFH) Opportunity

General Summary:

EMPLOYERS is a century‑old specialty insurance company in the midst of a deliberate technology modernization designed to reshape how the business competes, distributes, and operates. The Chief Information Security Officer will join at a pivotal moment: when security is not yet fully integrated into the fabric of the business, and when the choices made in the next two years will determine whether security enables EMPLOYERS ambitions or merely trails behind them.

This is not a role for a technician with an executive title. It is a role for a security leader who thinks strategically, communicates fluently with board members and business unit leaders, and understands that the measure of a security program is not how many controls are deployed: it is whether the business can pursue its goals with confidence.

The CISO will report to the Chief Information Officer and will serve as a member of the senior technology leadership team. The security program being built here is still early: existing capabilities without a unifying structure, direction, or connection to business outcomes. That is not a liability. For the right leader, it is a rare opportunity to build something that matters from the ground up.

What This Leader Will Do

Build the Program

EMPLOYERS has security capability. What it does not yet have is a cohesive program: one organized around business outcomes, governed with clear accountability, and staffed to the right skill profile. The CISO will design and implement that program from strategy to execution, building on existing strengths while closing gaps with precision rather than excess.

• Define and operationalize a multi-year Security and Resilience Strategy aligned to the CIO's technology modernization goals
• Establish a program structure, operating rhythm, and governance model that are sustainable beyond any single leader's tenure
• Right-size the team, prioritizing critical thinking and adaptability over headcount and developing existing talent toward higher capability
• Implement outcome-based metrics that communicate security posture in terms business leaders can understand and act on
• Drive rationalization of the existing security technology portfolio, ensuring tools in use are delivering value and directing investment toward genuine capability gaps

Enable the Business

EMPLOYERS is investing in modernization because it needs to compete differently. That modernization introduces new technology, new partners, new platforms, and new risk. The CISO will be present in those decisions (not as a reviewer after the fact, but as a participant in the design).

• Serve as a trusted advisor to the CIO, executive team, and Board's Technology Risk and Innovation Committee on security, resilience, and risk
• Embed security into technology modernization initiatives, including CRM, AI adoption, and digital distribution, at the architecture stage rather than the compliance review stage
• Develop peer relationships with business unit leaders that make security a collaborative discipline rather than a control function
• Translate security risk into business consequence in language that informs strategic decisions, not just technical ones

Govern with Discipline

EMPLOYERS operates in a regulated environment. New York Department of Financial Services (NYDFS) cybersecurity requirements, Nevada insurance regulations, CPPA, and emerging AI governance frameworks create a fiduciary obligation, not simply a compliance burden. The CISO will manage that obligation as a strategic responsibility.

• Ensure ongoing compliance with NYDFS Part 500 and applicable state and federal regulatory requirements
• Lead development and validation of business continuity and disaster recovery capabilities through regular tabletop exercises and operational testing
• Establish a risk communication cadence, to the CIO and to the Board, that keeps leadership accurately informed and appropriately engaged
• Build governance processes that move at the speed of the environment, not the speed of the annual audit cycle

What This Role Is Not

This position is not a compliance management role. It is not a technology procurement role. It is not a role for a leader who builds influence by controlling access to security decisions rather than by expanding the organization's ability to make good ones.

The CISO who will succeed here will be comfortable with ambiguity, energized by building, and capable of leading a small team of strong people toward outcomes that matter, without the organizational machinery that larger enterprises provide. They will know when to bring in expertise and when to develop it internally. They will earn authority through credibility, not through organizational position.

What We Are Looking For

Experience and Background

• Ten or more years of progressive security leadership experience, including demonstrated accountability for security programs in regulated industries
• Proven experience building or substantially rebuilding a security program (not simply maintaining one) with a small, high-capability team
• Insurance, financial services, or similarly regulated industry experience preferred; a track record of navigating complex regulatory environments is essential
• Experience leading security functions through significant technology transformation, including cloud migration, digital platform development, AI adoption, or equivalent
• Direct experience presenting to and advising boards of directors or executive risk committees on security posture, strategy, and material risk

Leadership and Influence

• Ability to build genuine peer relationships with business leaders, building working partnerships grounded in shared business goals rather than transactional compliance relationships
• Executive presence and communication skills capable of translating complex security concepts into clear business language for non-technical audiences
• Track record of developing team members by identifying capability gaps and investing in people rather than compensating with headcount or tooling
• Comfort operating in organizations where the path forward must be created, not inherited; the instinct to build structure without over-engineering it
• The judgment to distinguish between what needs to be stable and what needs to adapt continuously, and the organizational credibility to lead both

Intellect and Approach

This role requires:

• A critical thinker who can reason about adversary behavior, business consequence, and organizational capability without defaulting to vendor frameworks or tool-generated outputs
• An operator who defines success by outcomes (what the business can do securely), not by activity metrics, control coverage percentages, or audit findings resolved
• A communicator who can reframe security risk as business intelligence and make that intelligence genuinely useful to executive and board audiences
• A builder who can create governance processes that keep pace with modern digital environments, not governance designed for infrastructure that no longer exists
• A leader who invests deliberately in the analytical judgment of their team, because that judgment is the asset that no tool can replicate and no adversary can simply automate around

Technical Scope

• Comprehensive understanding of enterprise security architecture across cloud, hybrid, and on-premises environments
• Familiarity with AI security risk, including model integrity, data pipeline security, and third-party AI supply chain considerations
• Working knowledge of NYDFS Part 500, NIST CSF, CPPA, and applicable insurance regulatory requirements
• Experience with security technology portfolio management, including evaluating, rationalizing, and governing tools across the security stack
• Proficiency with business continuity and disaster recovery program design and operational validation

Location and Compensation.

Work Environment

This position is fully remote, with minimal travel expected. The CISO will maintain regular virtual engagement with the CIO organization, executive leadership team, and board-level stakeholders.

• This role potentially and will routinely use office equipment such as computers, phones, printers, and web conferencing technology as examples.
• This is largely a sedentary role; however, some mobility is required.
• May work early, late, or occasional weekend hours to accommodate business needs.
• Occasional lifting of a maximum of 30lbs.
• Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Compensation:

EMPLOYERS offers a competitive executive compensation package including base salary, annual incentive, long-term equity participation, and a comprehensive benefits program commensurate with the seniority and scope of this role

Base Salary Range: $155,000 - $225,000 please follow the link to our benefits page for additional details! EMPLOYERS Benefits and Perks

About EMPLOYERS:

As a dynamic, fast-growing provider of workers' compensation insurance and services, we are seeking a goal-oriented individual willing to put their ideas to work!

We offer a positive, challenging work environment, combined with an opportunity to build your career as you help us grow our business, in innovative and imaginative ways that are uniquely EMPLOYERS®!

Headquartered in Nevada, EMPLOYERS attributes its long-standing success to its most valuable resource, our employees across the United States. EMPLOYERS is known for the quality service and expertise we provide to our clients, and the exemplary work environment we provide for our employees.

We live and breathe our core values: Integrity, Customer Focus, Collaboration, Initiative, Accountability, Innovation, and Personal Fulfillment. These are the pillars that support how we do business with our clients as well as how we treat each other!

At EMPLOYERS, you’ll discover an energetic environment that inspires top achievement. As “America’s small business insurance specialist”, we have the resources, a solid reputation and an expanding nationwide identity to enrich your work/life and enhance your career. #LI-Remote

Click our link to learn more! About EMPLOYERS