Talent.com
Chief Information Security Officer (CISO)

Swyfft • Morristown, New Jersey, USA
19 days ago
Job type
  • Full-time
Job description

At Swyfft, we're reshaping the way home insurance and commercial package products are priced and bound. We've created an insurance experience that's smart, instant, and designed to deliver unparalleled customer service.

Joining Swyfft means becoming part of a dynamic team of forward-thinkers who thrive on moving fast and delivering exceptional products. We pride ourselves on fostering an environment where creativity and positive energy thrive.

As we continue to grow and expand, we're on the lookout for experienced professionals like you to join us in transforming the insurance landscape. If you're passionate about leveraging technology to provide the best customer service experience and are ready to be a part of our journey, we welcome you to explore opportunities at Swyfft!

About the Position :

We're looking for a CISO who can do two things exceptionally well : build and run a robust security compliance program AND do hands-on technical security work. This isn't a role where you'll spend 100% of your time on PowerPoint and vendor questionnaires (though there will be some of that). You'll be reviewing architecture, working with our development team on secure design, and making real technical decisions.

The immediate challenge : We're transitioning from a limited exemption to full NYDFS (23 NYCRR 500) compliance, with our first full certification due April 2026. You'll be building our compliance program while also establishing long-term security practices that actually make us more secure, not just check regulatory boxes.

The Reality of Year 1

We want to be transparent : The first year will be challenging. You'll be :

  • Building the TPSP governance program from scratch (we have a lot of vendors)
  • Getting us ready for our first full NYDFS certification (April 2026)
  • Overseeing MFA implementation across thousands of users
  • Documenting and formalizing security practices we're already doing

It's going to be a mix of rewarding technical work and necessary compliance grinding. After Year 1, the job shifts more toward proactive security work, architecture reviews, and continuous improvement.

If you want a CISO role where you only do compliance paperwork, this isn't it. If you want a role where you only do technical security with zero regulatory work, this also isn't it. But if you want to build a security program that's both compliant AND actually makes the company more secure - and you want to stay technical while doing it - this might be perfect.

  • This position is a 100% remote, U.S.-based opportunity that can be based in one of the following states only : AL, AZ, FL, GA, KY, LA, MA, MO, NC, NJ, NY, OH, OR, PA, SC, TX, UT, VA, WA, WI.
  • Some travel for day-to-day work, team meetings, and training will be required.

    Key Responsibilities : (What you'll be asked to do)

    Security Program & Compliance (40-50% in Year 1, 30% ongoing)

  • Own Swyfft's cybersecurity program end-to-end, including NYDFS compliance
  • Build and manage our Third-Party Service Provider (TPSP) security governance program (vendor inventory, risk assessments, security questionnaires, ongoing monitoring)
  • Conduct annual risk assessments and coordinate penetration testing
  • Create and maintain security policies, incident response plans, and business continuity documentation
  • Prepare annual board reporting and regulatory certifications
  • Manage security awareness training program
  • Coordinate incident reporting to NYDFS when required (72-hour notification window)

    Technical Security Work (50-60% in Year 1, 70% ongoing)

  • Oversee implementation of multi-factor authentication (MFA) across our web platform (currently in planning phase)
  • Review and improve security architecture for our C# / .NET applications and infrastructure
  • Work directly with engineering teams on secure development practices and code review for security issues
  • Manage vulnerability assessments and coordinate remediation with engineering
  • Design and implement security controls and monitoring capabilities
  • Evaluate and implement security tooling (SIEM, vulnerability scanning, etc.)
  • Respond to security incidents and conduct post-incident analysis
  • Review API security, authentication / authorization patterns, and data protection controls
    The Successful Candidate : (What we're looking for)

  • Pragmatic security mindset : You understand the balance between security and business needs
  • Self-starter : You can build a program from the ground up with limited hand-holding
  • Technical credibility : Engineers respect your technical opinions and will listen to your guidance
  • Efficient with compliance work : You can motor through vendor questionnaires and policy documentation without it consuming your life
  • Clear communicator : You can explain security risks and recommendations to non-security people without drowning them in jargon
  • Comfortable with ambiguity : We're building this program - you won't have a playbook to follow

    Strongly Preferred

  • Specific experience with NYDFS 23 NYCRR 500 compliance
  • Background in financial services or insurance industry
  • Experience implementing authentication systems (OAuth, SAML, MFA)
  • CISSP, CISM, or similar security certification
  • Experience with cloud infrastructure security (AWS, Azure, or GCP)
    Some Requirements :

  • 7-10 years in information security with a mix of technical and compliance work
  • Experience with regulatory compliance programs (NYDFS, SOC 2, PCI-DSS, HIPAA, or similar frameworks)
  • Strong technical background - you should be comfortable reviewing C# code, understanding web application architecture, and discussing database security
  • Proven track record building security programs, not just maintaining existing ones
  • Experience working with remote / distributed engineering teams
  • Excellent written and verbal communication skills (you'll be explaining security decisions to both engineers and executives)

    Education :

  • A Bachelor's degree in Computer Science, Computer Engineering, or equivalent work experience is required.

    Computer Skills :

  • You don't need to be a full-stack developer, but you should be able to :
  • Read and understand C# and TypeScript code well enough to spot security issues
  • Review system architecture diagrams and identify security concerns
  • Understand web application security (OWASP Top 10, authentication flows, API security)
  • Work with SQL databases and understand data protection requirements
  • Evaluate security tools and integrate them into development workflows
  • We're a MS Office environment (Outlook, Word, Excel, PowerPoint)
  • Experience using video and chat technology (MS Teams & Slack)

    Other :

  • Reliable high-speed internet connectivity required.
  • Designated quiet work from home space.

    The typical base pay range for this role across the U.S. is : $200000.00 - $220000.00 per year benefits.

    There is a different range applicable to specific work locations. This salary range is a good-faith estimate of what Swyfft may pay for this position at the time of posting. Actual compensation may vary based on skills, qualifications, and experience. The range reflects annual compensation (as applicable) and does not include bonuses or other incentives that the company may choose to pay at its sole discretion.

    In addition to base compensation, Swyfft offers a comprehensive benefit package.

    We Have a Great Benefits Package!

  • Medical, Dental, and Vision
  • Short- and Long-Term Disability (Company Paid)
  • Voluntary Long-Term Disability
  • Employee Life & AD&D (Company Paid)
  • Voluntary Employee, Spouse, and Child Life & AD&D
  • Healthcare, Dependent Care, and Transit FSA and Healthcare Savings Account (HSA)
  • 401K with a generous matching contribution and no vesting schedule
  • 20 days of PTO annually (prorated based on hire date)
  • Company Paid Holidays and 2 Choose Your Own Holidays

    It is the policy of Swyfft to provide equal employment opportunities to all employees and applicants for employment without regard to race, religion, color, ethnic origin, gender, gender identity, age, marital status, veteran status, sexual orientation, disability, or any other basis prohibited by applicable federal, state, or local law. EOE / AA / M / D / V / F.

    If you require accommodations during the application or interview please contact Human Resources at and we will make every effort to accommodate your needs.

    Please Note : Swyfft is not accepting 3rd party agency resumes for this position; please do not forward resumes to our careers email address or Swyfft employees. Swyfft will not be responsible for any fees related to unsolicited resumes.

    Required Experience :

    Chief

    Key Skills

    International Development,Information Systems,Community,Information Technology Sales,Corporate Recruitment

    Employment Type : Full-Time

    Experience : years

    Vacancy : 1

    Yearly Salary : 200000 - 220000
