Job Specifications
Head of Security Engineering & Risk - Director Level
Base salary range: $160,000 - $180,000 per year. Additional compensation: Annual bonus. Overview
This role is designed for a technically credible security leader who wants more than steady-state security operations. We're partnering with a fast-scaling, private-equity-backed insurance agency operating across multiple business units and acquired entities. Security is already valued, and the next step is to evolve it into a centralized, engineering-led security function capable of supporting continued growth. Importantly, this role offers a natural progression into VP of Security and ultimately CISO, for someone who demonstrates both technical depth and executive judgement. Identity & Access Management (Foundational)
Identity underpins everything here.
Microsoft Entra ID/Azure AD architecture and governance
Conditional Access, MFA strategy, Zero Trust identity models
Privileged Identity Management (PIM) and RBAC
Identity lifecycle management across employees, vendors, and acquisitions
SaaS security via SSO, SCIM, and risk-based access controls Endpoint, Device & User Security
You'll own protection for a highly distributed, business-critical user base.
Endpoint hardening across Windows and macOS
Device compliance and conditional access enforcement
Email security, phishing defense, and user-centric threat mitigation
Balancing real security with productivity and usability Cloud & SaaS Security (Pragmatic, Not Theoretical)
Securing SaaS applications and cloud workloads
CASB/SaaS Security Posture Management concepts
Data protection, DLP, and sensitive data classification
Partnering with infrastructure and architecture teams on secure-by-design systems
SIEM and security monitoring platforms
Alert tuning and detection engineering
Incident response planning, tabletop exercises, and real incidents
Playbook creation and cross-functional coordination during security events M&A & Multi-Entity Security (Highly Valued)
Integrating newly acquired companies into a common security baseline
Identity consolidation across tenants and environments
Managing risk pragmatically during post-acquisition transitions
Operating in environments where perfect isn't possible on day one MSP & Service-Provider Experience (Strong Plus)
Comfort operating across multiple clients, systems, and maturity levels
Ability to prioritize risk quickly and communicate clearly
Experience owning outcomes without ideal conditions What Profile Fits Best
Senior Security Engineer, Security Architect, or Head/Director of Security
Operating in PE-backed, acquisitive, or multi-entity organizations
Comfortable being hands-on while shaping long-term strategy
Trusted to make risk-based decisions and explain them to executives Career Path
Short-term: Own and elevate the security engineering function
Mid-term: Step into VP-level ownership of security strategy and execution
Long-term: Grow into a CISO role, with board-level visibility and influence Why High-Caliber Leaders Should Draw
Real technical ownership, not checkbox security
Exposure to M&A, executive decision-making, and risk ownership
A leadership path that's earned, not promised
Enough complexity to stay interesting, without constant firefighting
Opportunity to build something durable and respected Employment Details
Seniority level: Director
Employment type: Full-time
Job function: Information Technology
Industries: Insurance
About the Company
Evolution is an award-winning specialist tech recruitment consultancy with offices in USA, Singapore, Sydney, Germany and UK. Founded in 2000 we have helped thousands of technology professionals secure their next Permanent, Contract or Interim position with leading companies, ranging from SME to multinationals.
Here in the United States we are focusing on Python, placing candidates across the three pillars of Software Engineering, Data Engineering and Data Science. We engage and build relationships with the communities tha...
Know more