Sr Director, IT Security

Our Company

Explore how you can contribute  over 50 years, Ameri Life has been a leader in the development, marketing and distribution of annuity, life and health insurance solutions for those planning for and living in retirement. Associates get satisfaction from knowing they provide agents, marketers and carrier partners the support needed to succeed in a rapidly evolving industry.

The Sr. Director of IT Security serves as Ameri Life’s leader for enterprise cybersecurity, responsible for defining, implementing, and operating a comprehensive cybersecurity program spanning security architecture, cloud security, identity & access management, Dev Sec Ops , incident response, security operations, governance, risk, and compliance. This role provides regular cybersecurity insights and updates to the Board or Audit/Risk Committee and leads a high‑performing organization that includes Security Operations, Security Engineering, Governance, Risk & Compliance (GRC), and additional specialized functions.

The Sr. Director ensures that cybersecurity initiatives are fully aligned with business priorities, regulatory requirements, and Ameri Life’s overall risk appetite, while driving a multi‑year roadmap that strengthens Ameri Life’s enterprise security posture. This leader is accountable for consistent regulatory compliance, improved audit and examination outcomes, and the reduction of cyber risk across all Ameri Life entities. Through strategic leadership and operational excellence, the Sr.

Director will advance mature, scalable security operations and engineering capabilities and foster a security‑aware culture embedded across the enterprise, enabling increased resilience and ongoing protection of Ameri Life’s technology ecosystem.

• Develop and drive a unified, enterprise‑wide cybersecurity strategy.
• Monitor emerging threats, technologies, and regulatory requirements, update strategy accordingly.
• Establish a multi‑year roadmap aligned with Ameri Life’s technology and business goals.

• Lead compliance with NYDFS Part 500, SOX ITGC, GLBA, HIPAA, and other regulations.
• Oversee SOX IT controls, evidence collection, testing, remediation, and audit liaison.
• Conduct regular cybersecurity risk assessments and report findings to executives and the Board.

• Oversee enterprise security architecture across on‑prem, cloud, and hybrid environments.
• Lead Azure and Microsoft 365 cloud security programs, including CSPM, secure configuration, and tenant governance.
• Implement Zero Trust principles across identity, devices, networks, and applications.
• Ensure secure cloud migrations and consistent standards across Ameri Life affiliates.

• Integrate security into SDLC and CI/CD pipelines.
• Establish secure coding standards and oversee SAST/DAST, dependency scanning, and penetration testing.
• Promote security‑by‑design principles across development and engineering.

• Direct all SOC activities, including internal analysts and external MDR providers.
• Oversee MDR and EDR operations, ensuring integration, tuning, detection fidelity, and coordinated response.
• Maintain the enterprise Incident Response Plan, including triage, containment, forensics, recovery, and root‑cause analysis.
• Partner with external incident‑response firms for escalated investigations.
• Oversee managed vulnerability services, ensuring timely scanning, risk scoring, prioritization, and remediation tracking.
• Manage enterprise vulnerability management lifecycle and patch governance.

• Maintain cybersecurity policies and standards aligned to NIST CSF, NIST 800‑53, ISO 27001.
• Chair cybersecurity governance forums to coordinate enterprise adoption and alignment.
• Lead regulatory exams, audit responses, evidence readiness, and remediation tracking.

• Build and lead a high‑performing cybersecurity organization.
• Define roles, competencies, and KPIs; mentor and develop staff.
• Promote…