Information Security Team Lead

  • Business Support Departments
  • IT
  • Role Type
  • Permanent
  • Location
  • Richmond VA (Glen Allen Headquarters)
  • Salary
  • Based on Experience
  • Job Advert Description
  • Information Security Team Lead

    Why Elephant Insurance?

    At Elephant Insurance, we believe that people who like what they do, do it better. We pride ourselves on a relaxed and dynamic company culture that has earned us the honor of being named one of the best places to work! As our company grows, we encourage an environment of individual contribution, long-term commitment, and employee growth and development.

    Elephant Insurance strives towards creating and sustaining a flexible, adaptable and customer-centric workplace atmosphere. We aim to uphold our start-up mentality backed by one of the UK’s largest insurers, Admiral Group. We value our ability to identify and develop talented, motivated people to help Elephant become a growing, profitable, sustainable company with the customer at the center.

    Summary of Benefits:

    • 22 days of paid time off each year plus an additional day each year until your 6th year
    • Shares of stock that pay dividends throughout the year and vest three years from the date they are granted
    • 401k match of 100% up to 5% of employee earnings
    • Health savings account option and choice of three medical plans
    • Dental, vision, legal and disability coverage
    • Gym membership reimbursement and athletic event reimbursement
    • Local discounts with various restaurants, gyms and other companies

    About the Information Security Team Lead

    Elephant Insurance is seeking a highly motivated and talented information security professional to join our growing team.  Successful candidates will have a solid depth in many information security domains, as well as a genuine interest and enthusiasm for continuous learning and teaching others.  The Information Security Team Lead role will place a heavy emphasis on rolling up your sleeves to take on challenges directly, as well as providing support to fellow team members and the larger IT organization and business community.  They will be a subject matter expert regarding security risks and controls, planning and leading security projects to further the organizations security program.  In addition to job-specific skills, candidates will be adept with problem-solving, communication and leading by example.  Elephant has consistently been voted a Top Workplace in Richmond and is fun, dynamic environment to grow your security career!


    • Provide support and leadership for service delivery in critical security areas, including Incident Management, Platform Management, Control Framework Development, Architecture, Awareness, Policy and Compliance
    • Develop, maintain, and refine risk management practices using established risk frameworks
    • Maintain a working knowledge of current threats and vulnerabilities
    • Stay informed on information security best practices and evaluate their applicability to Elephant
    • Conduct assessments of the management, operational, and technical security controls employed by an IT system to determine the overall effectiveness of the controls
    • Develop and refine security policy, processes, and procedures
    • Find and realize opportunities for continuous improvement via evaluation and rollout of tools methodologies
    • Assist in maintaining a risk management strategy for the organization in balance with the organization’s risk tolerance
    • Communicate risks and potential impacts in a way that stakeholders understand
    • Partner with system owners implement controls to address unaccepted risks
    • Consult with various areas of the business as an information risk subject matter expert
    • Mentor team members to increase overall team performance


    • 6+ years of experience in the Information Security field
    • Bachelor’s degree, preferably in information security, computer science, or information technology
    • Flexible, pragmatic and results-driven approach to information security risk management
    • Excellent written and verbal communication skills
    • Comfortable conveying information effectively and professionally to a wide variety of technical and non-technical audiences
    • Methodical, data-driven approach to security and risk analysis with the ability to think laterally and imaginatively while implementing security improvements
    • CISSP, CISM, GSEC, CCSP, CEH or equivalent professional certificate strongly preferred
  • Closing Date
  • 06/27/2019