×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Director, Information & Technology Security

Job in Chicago, Cook County, Illinois, 60290, USA
Listing for: Highstreet Insurance Partners
Full Time position
Listed on 2026-01-01
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 160000 - 180000 USD Yearly USD 160000.00 180000.00 YEAR
Job Description & How to Apply Below
Highstreet Insurance Partners provided pay range

This range is provided by Highstreet Insurance Partners. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.

Base pay range

$/hr - $/hr

Job Title:

Director, Information & Technology Security

Location:

Hybrid – Chicago
Salary: $160,000-$180,000 annually, eligible for annual bonus for meeting performance goals

Company Background:
Highstreet Insurance Partners (Highstreet) is one of the fastest-growing insurance agencies in the U.S. Founded with the mindset of putting people first, Highstreet brings technical and industry experience together to serve and protect customers while providing its internal teams with the tools and resources to grow. We love to help people pursue life’s opportunities with tenacity and confidence to create stronger, more resilient communities.

We do it for all our futures.

Role Overview

The Director of Information & Technology Security is responsible for designing, executing, and operating the company’s security program across identity, endpoint, data, application, and network domains. This is a hands‑on leadership role focused on practical risk reduction, operational security, and scaling security across a growing, acquisition‑driven organization.

The Director will partner closely with Technology Operations, Infrastructure, and M&A teams to embed security into day‑to‑day operations and future‑state architecture.

The Director reports directly to the VP of Technology Operations and is accountable for execution, not theory.

Primary Objectives

• Reduce enterprise security risk through practical, enforceable controls

• Execute against the company’s multi‑year security roadmap

• Mature identity, endpoint, and data protection capabilities

• Operationalize detection, response, and monitoring

• Support secure growth through M&A and integration activity

• Improve visibility, consistency, and security posture without unnecessary friction

Key Responsibilities

Identity Security & Access Control

• Own identity security strategy and execution across Entra  Microsoft 365

• Implement and maintain conditional access, MFA, and privileged identity management

• Establish baseline access standards and least‑privelege models

• Reduce identity‑based risk and credential abuse across the enterprise

• Partner with IT Operations on identity lifecycle management and access reviews

Endpoint, Device & M365 Security

• Oversee endpoint protection, device compliance, and EDR capabilities

• Partner with Intune and Device teams to enforce security baselines

• Improve detection and response through MDR and telemetry

• Reduce endpoint‑based attack surface and configuration drift

• Ensure security controls scale across acquired environments

Data Protection & Insider Risk

• Lead data loss prevention (DLP), insider risk, and sensitive data protection efforts

• Partner with IT and Legal on data classification and protection strategies

• Improve visibility into sensitive data usage and movement

• Reduce data exfiltration risk across cloud and endpoint environments

• Support investigations and response to insider‑related events

Application & Cloud Security

• Improve visibility into SaaS usage and shadow IT

• Partner with Technology teams on secure application access and posture

• Support future‑state cloud app security capabilities

• Ensure security controls align with business workflows, not disrupt them

Incident Response, Monitoring & Operations

• Own incident response planning and execution

• Partner with SOC / MDR providers to ensure effective detection and response

• Lead security investigations and post‑incident remediation

• Establish clear runbooks, escalation paths, and communication protocols

• Provide executive‑level visibility into incidents, risks, and remediation progress

M&A Security Support

• Support security diligence for acquisitions

• Assess security posture of acquired entities

• Partner with Technology Operations to prioritize remediation

• Drive security standardization post‑close without disrupting operations

Required Experience & Skills

• 6–10+ years in information or technology security roles

• Experience operating security in mid‑market or…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search