AVP, Data Security & Protection at Crum & Forster

Morristown, New Jersey, United States -

Full Time

Start Date

Immediate

Expiry Date

31 Mar, 26

Salary

200000.0

Posted On

31 Dec, 25

Experience

10 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Data Security, Cybersecurity, Data Privacy, Risk Assessment, Data Governance, Data Protection, Data Loss Prevention, Encryption, Team Leadership, Interpersonal Skills, Communication Skills, Regulatory Compliance, Data Management, Cloud Technologies, Problem Solving, Innovative Thinking

Industry

Insurance

Description

Crum & Forster Company Overview Crum & Forster (C&F), with a proud history dating to 1822, provides specialty and standard commercial lines insurance products through our admitted and surplus lines insurance companies. C&F enjoys a financial strength rating of "A+" (Superior) by AM Best and is proud of our superior customer service platform. Our claims and risk engineering services are recognized as among the best in the industry. Our most valuable asset is our people: more than 2500 employees in locations throughout the United States. The company is increasingly winning recognition as a great place to work, earning several workplace and wellness awards for four years running, including the 2025-2026 Great Place to Work® Award for our employee-first focus and our steadfast commitment to diversity, equity and Inclusion. C&F is part of Fairfax Financial Holdings, a global, billion dollar organization. For more information about Crum & Forster, please visit our website: www.cfins.com. Job Description The Cyber & Information Security Assistant Vice President (AVP) - Data Security & Protection will report directly to the CISO. In this position, you will be responsible for developing policies, procedures, and standards for protecting C&F data in accordance with the latest security threats and regulatory requirements. This position will collaborate across all business divisions to ensure the efficient and effective implementation of this program, maintaining data security standards throughout the data lifecycle. What you will do: The Cyber & Information Security AVP-Data Security & Protection will be responsible for implementing and managing a Data Security program, including: Serve as the Subject Matter Expert for data security throughout the business. Conduct Data Risk Assessments to identify potential threats and vulnerabilities impacting company data, as well as ensuring adherence to cybersecurity and data regulations. Develop and maintain data security policies, procedures, and standards aligned with industry standard data governance and protection frameworks and ensure they are followed throughout the organization. Develop and lead management of data inventories, data flows, and data sharing controls. Facilitate the design and implementation for enhanced data access controls, supporting a Role-Based Access program. Implement and support data retention and data destruction program. Advise and coordinate with the Security Operations team to implement technology and playbooks for Data Loss Prevention. Validate and enforce the deployment of encryption for data at-rest and in-transit. Lead and mentor a team of engineers that will work closely with stakeholders and data owners to enforce data protection standards. Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors. Adhere to all C&F policies, procedures, and standards, within budgetary specifications, including time management, supply management, productivity, and accuracy of practice. What you will bring to C&F: Bachelor’s degree or equivalent and 10+ years in a Data Security focused role. 15+ years of Information Security experience preferred. Subject Matter Expertise in Data Security technologies. Understanding of cybersecurity and data privacy laws and regulations such as NYDFS, CCPA, and GDPR. Experience designing and implementing data security solutions in enterprise environments. Experience with various structured and unstructured data stores both on-premise and cloud native. Requires good interpersonal skills, ability to function in a fast paced, short-deadline environment, and the ability to come up with innovative cost-effective decisions. Written and verbal English communication skills. Will abide by departmental policies and procedures, including authority levels, to comply with C&F’s risk management controls. What C&F will bring to you Competitive compensation package Generous 401K employer match Employee Stock Purchase plan with employer matching Generous Paid Time Off Excellent benefits that go beyond health, dental & vision. Our programs are focused on your whole family’s wellness, including your physical, mental and financial wellbeing A core C&F tenet is owning your career development, so we provide a wealth of ways for you to keep learning, including tuition reimbursement, industry-related certifications and professional training to keep you progressing on your chosen path A dynamic, ambitious, fun and exciting work environment We believe you do well by doing good and want to encourage a spirit of social and community responsibility, matching donation program, volunteer opportunities, and an employee-driven corporate giving program that lets you participate and support your community At C&F you will BELONG If you require special accommodations, please let us know. We value inclusivity and diversity. We are committed to equal employment opportunity and welcome everyone regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status. If you require special accommodations, please let us know. Belonging at C&F, is a mindset. It’s about fostering a culture of inclusion and connection, where everyone feels valued, heard, and empowered to thrive and where our social impact efforts help strengthen the communities where we live and work. For California Residents Only: Information collected and processed as part of your career profile and any job applications you choose to submit are subject to our privacy notices and policies, visit https://www.cfins.com/onlineprivacypolicy/ca/noticeatcollection/ for more information. Crum & Forster is committed to ensuring a workplace free from discriminatory pay disparities and complying with applicable pay equity laws. Salary ranges are available for all positions at this location, taking into account roles with a comparable level of responsibility and impact in the relevant labor market and these salary ranges are regularly reviewed and adjusted in accordance with prevailing market conditions. The annualized base pay for the advertised position, located in the specified area, ranges from a minimum of $149,000 to a maximum of $200,000. The actual compensation is determined by various factors, including but not limited to the market pay for the jobs at each level, the responsibilities and skills required for each job, and the employee’s contribution (performance) in that role. To be considered within market range, a salary is at or above the minimum of the range. You may also have the opportunity to participate in discretionary equity (stock) based compensation and/or performance-based variable pay programs.

Responsibilities

The AVP will develop and manage a Data Security program, ensuring the protection of company data against threats and regulatory requirements. This includes conducting risk assessments, developing policies, and leading a team to enforce data protection standards.