Information Security Officer

**Mission**:
At Root, we believe that the future of insurance is **digital**, **personalised** and **embedded**.

Our mission is to grow insurance businesses into this future by providing the infrastructure that makes it possible.

Your role as an Information Security Officer will be pivotal in crafting and executing a comprehensive information security strategy. This strategy will safeguard our vital data and technology systems, underpinned by DevOps methodologies to ensure efficiency and cost-effectiveness.

**Outcomes**:

- **Operational Security and Compliance**: Ensure compliance and manage technical operations to maintain a seamless and secure infrastructure.
- **Strategic Leadership**: Develop and maintain a low-maintenance, cost-effective, and well-architected AWS environment, making strategic decisions that align with company goals, including the deployment of isolated, geo-specific private stacks for data sovereignty.
- **Data Sovereignty**: Ensure that customer data is stored in private, easily deployable stacks that comply with local data residency laws, facilitating secure and isolated data handling.
- **Capacity Building**: Establish Root as a leader in security by expanding our in-house expertise and capabilities.

**Role Responsibilities**:

- Develop and implement a strategic information security plan.
- Lead projects from inception to completion, integrating best practices.
- Advance and refine Root’s Zero Trust security measures.
- Develop and implement a strategic information security plan that includes data sovereignty considerations, ensuring compliance with local and international data protection regulations. You will need to work with the legal team here.
- Design, deploy, and automate AWS resources using Infrastructure as Code, with a focus on implementing Private Links and other features that secure and isolate customer infrastructures according to geographic and regulatory requirements.
- Lead the development of a scalable, stable, and secure platform.
- Enhance team skills and knowledge, particularly in AWS, fostering a culture of continuous improvement and certification.

**Competencies**:

- Strong empathy for the developer experience throughout the software development lifecycle.
- Deep understanding of SOC2 compliance, able to articulate the importance of security measures to non-technical stakeholders.
- Expertise in AWS architecture, security, reliability, cost optimization, and performance efficiency.
- Skilled in security monitoring, Infrastructure as Code (Terraform), and DevOps practices including CI/CD.
- Knowledgeable in data privacy, business continuity, and network security.

**Desirable Experience**:

- At least 10 years in software engineering with a focus on solutions architecture and enhancing developer experiences via DevOps.
- AWS certifications and experience with Zero Trust architectures and continuous compliance are highly valued.

**Personality Traits**:

- Exceptional time management and self-motivation.
- Confident, low ego, optimistic, and driven by data-backed decisions.
- Advocates for automation and efficient workflows.

**Root Values**:

- **Lead by example**:“Lean in, take charge, and always set a positive precedent.”
- **Exceed expectations**:“Know your customer to delight your customer.”
- **Rally as one team**:“Put aside egos and personal agendas to triumph as one.”
- **Own the mission**:“Your job is not done until the job is done.”
- **Rise to the challenge**:“Meaningful change requires meaningful effort and the courage to make bold moves.”

**How we enable success**:
Our team is made up of smart, passionate, and kind individuals working together to build a world-class business. We take the time to develop personal relationships with each other. Over and above daily team lunches, we do frequent team outings and ad-hoc adventures.

We create and enable an environment for people to do their best work. To support this, we focus on a culture of autonomy, transparency and trust. As a startup, we care _a lot _about innovation, and believe in an iterative way of working to drive innovation forward. We encourage each other and foster a working culture of sharing early versions of our work and implementing feedback fast.

**Why join us?***:
We have ambitious goals. Our mission is to power innovators in insurance, globally, and we’re well on our way there. You’ll join at a very exciting part of the journey, and your contribution over the next few years will directly and visibly impact Root’s global success. Our team is incredibly friendly and collaborative. If you care about solving challenging problems with people you enjoy being around, this is the place for you.