We’re hiring an Information Security Program Manager in Columbus, OH

Engineering at Root
The engineering team at Root strives to be one of the most transformative engineering teams ever. We’re changing the way that car insurance works. We’re competing with companies that have been around for a century and comprise a $200B industry—and we’re doing it with an astonishingly small team. We recently raised one of the largest VC rounds ever for an Ohio technology company, giving us an opportunity to make a large impact. For more on engineering at Root, see https://root.engineering

The company
Root is a company of 160 and (mindfully) growing. In March of 2015, we set out to build an insurance solution that accomplished two things: 1) provided an unprecedented user experience and 2) leveraged modern data to more accurately predict risk. The product that we created, a mobile application through which we sell insurance, allows us to satisfy both of these objectives.

The culture
Things have been going very well for us and there is still a lot of interesting work ahead. Root is a venture-backed technology company. Our early signs of success are in large part due to our unwavering standards in hiring. We recognize that our product is only as good as the hearts and minds building it. We look for individuals who can find solutions to our challenges by going through the cycle of ideation to implementation with curiosity and rigor. We expect every team member to lead with empathy and respect. Our open office space is filled with the rhythmic tapping of keyboards, percussive “pop” of LaCroix cans, and the hum of formative conversation. The team eats catered lunch together Monday-Thursday.

About the position
As Root continues to grow, we’re looking to improve the maturity of our security practice. While our engineering team takes security seriously and uses industry-accepted best practices, we haven’t yet formalized our information security program.We’re looking for somebody who can primarily focus on the Governance, Risk, and Compliance side of InfoSec, while also having a technical knowledge of infrastructure and software engineering. We want to build a strong collaboration between our security engineering and the rest of the company so that we can take proper care in mitigating risks while also maintaining high velocity and efficient delivery of software.

We’re looking for somebody experienced with:

  • Developing information security policies and procedures to meet global privacy and compliance standards
  • Solid understanding and experience with security controls and risk assessment techniques
  • Ability to communicate, oversee and carry out technical implementations of security solutions required to meet business objectives
  • Incident response, disaster recovery, and business continuity planning
  • Applying sound judgment on the prioritization of a wide variety of possible projects designed to improve the overall security maturity of the organization

It’d also be helpful to have experience with the following technologies, although it’s not required.

  • Securing infrastructure built on AWS
  • Continuous delivery pipelines
  • Securing data warehousing and business intelligence tools
  • A familiarity with DevSecOps or any experience in application security

Get in touch

Finding the right people to help us build Root is a top priority. Whether you would like to explore the possibility of working together or simply learn more about the position, we’d love to hear from you!

Apply now