Highstreet Insurance Partners
Director, Information & Technology Security
Highstreet Insurance Partners, Chicago, Illinois, United States, 60290
Highstreet Insurance Partners provided pay range
This range is provided by Highstreet Insurance Partners. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.
Base pay range $160,000.00/hr - $180,000.00/hr
Job Title:
Director, Information & Technology Security Location:
Hybrid – Chicago Salary:
$160,000-$180,000 annually, eligible for annual bonus for meeting performance goals
Company Background:
Highstreet Insurance Partners (Highstreet) is one of the fastest-growing insurance agencies in the U.S. Founded with the mindset of putting people first, Highstreet brings technical and industry experience together to serve and protect customers while providing its internal teams with the tools and resources to grow. We love to help people pursue life’s opportunities with tenacity and confidence to create stronger, more resilient communities. We do it for all our futures.
Role Overview The Director of Information & Technology Security is responsible for designing, executing, and operating the company’s security program across identity, endpoint, data, application, and network domains. This is a hands‑on leadership role focused on practical risk reduction, operational security, and scaling security across a growing, acquisition‑driven organization.
The Director will partner closely with Technology Operations, Infrastructure, and M&A teams to embed security into day‑to‑day operations and future‑state architecture.
The Director reports directly to the VP of Technology Operations and is accountable for execution, not theory.
Primary Objectives
Reduce enterprise security risk through practical, enforceable controls
Execute against the company’s multi‑year security roadmap
Mature identity, endpoint, and data protection capabilities
Operationalize detection, response, and monitoring
Support secure growth through M&A and integration activity
Improve visibility, consistency, and security posture without unnecessary friction
Key Responsibilities Identity Security & Access Control
Own identity security strategy and execution across Entra ID and Microsoft 365
Implement and maintain conditional access, MFA, and privileged identity management
Establish baseline access standards and least‑privelege models
Reduce identity‑based risk and credential abuse across the enterprise
Partner with IT Operations on identity lifecycle management and access reviews
Endpoint, Device & M365 Security
Oversee endpoint protection, device compliance, and EDR capabilities
Partner with Intune and Device teams to enforce security baselines
Improve detection and response through MDR and telemetry
Reduce endpoint‑based attack surface and configuration drift
Ensure security controls scale across acquired environments
Data Protection & Insider Risk
Lead data loss prevention (DLP), insider risk, and sensitive data protection efforts
Partner with IT and Legal on data classification and protection strategies
Improve visibility into sensitive data usage and movement
Reduce data exfiltration risk across cloud and endpoint environments
Support investigations and response to insider‑related events
Application & Cloud Security
Improve visibility into SaaS usage and shadow IT
Partner with Technology teams on secure application access and posture
Support future‑state cloud app security capabilities
Ensure security controls align with business workflows, not disrupt them
Incident Response, Monitoring & Operations
Own incident response planning and execution
Partner with SOC / MDR providers to ensure effective detection and response
Lead security investigations and post‑incident remediation
Establish clear runbooks, escalation paths, and communication protocols
Provide executive‑level visibility into incidents, risks, and remediation progress
M&A Security Support
Support security diligence for acquisitions
Assess security posture of acquired entities
Partner with Technology Operations to prioritize remediation
Drive security standardization post‑close without disrupting operations
Required Experience & Skills
6–10+ years in information or technology security roles
Experience operating security in mid‑market or PE‑backed environments
Strong background in:
Identity & Access Management (Entra ID / Azure AD)
Endpoint security and EDR
Microsoft 365 security stack
Incident response and security operations
Ability to balance security requirements with business realities
Experience partnering with IT Operations, Infrastructure, and vendors
Strong communication skills with both technical and non‑technical leaders
Benefits
Employer Paid Life & AD&D
Employer Paid Short- & Long‑term disability
Paid Holidays
401k with employer match
Health, Vision, and Dental insurance
Work Environment
Hybrid Work work schedule in the Chicago, IL.
Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions of the position as described above.
Seniority level
Director
Employment type
Full‑time
Job function
Information Technology
Insurance
#J-18808-Ljbffr
Base pay range $160,000.00/hr - $180,000.00/hr
Job Title:
Director, Information & Technology Security Location:
Hybrid – Chicago Salary:
$160,000-$180,000 annually, eligible for annual bonus for meeting performance goals
Company Background:
Highstreet Insurance Partners (Highstreet) is one of the fastest-growing insurance agencies in the U.S. Founded with the mindset of putting people first, Highstreet brings technical and industry experience together to serve and protect customers while providing its internal teams with the tools and resources to grow. We love to help people pursue life’s opportunities with tenacity and confidence to create stronger, more resilient communities. We do it for all our futures.
Role Overview The Director of Information & Technology Security is responsible for designing, executing, and operating the company’s security program across identity, endpoint, data, application, and network domains. This is a hands‑on leadership role focused on practical risk reduction, operational security, and scaling security across a growing, acquisition‑driven organization.
The Director will partner closely with Technology Operations, Infrastructure, and M&A teams to embed security into day‑to‑day operations and future‑state architecture.
The Director reports directly to the VP of Technology Operations and is accountable for execution, not theory.
Primary Objectives
Reduce enterprise security risk through practical, enforceable controls
Execute against the company’s multi‑year security roadmap
Mature identity, endpoint, and data protection capabilities
Operationalize detection, response, and monitoring
Support secure growth through M&A and integration activity
Improve visibility, consistency, and security posture without unnecessary friction
Key Responsibilities Identity Security & Access Control
Own identity security strategy and execution across Entra ID and Microsoft 365
Implement and maintain conditional access, MFA, and privileged identity management
Establish baseline access standards and least‑privelege models
Reduce identity‑based risk and credential abuse across the enterprise
Partner with IT Operations on identity lifecycle management and access reviews
Endpoint, Device & M365 Security
Oversee endpoint protection, device compliance, and EDR capabilities
Partner with Intune and Device teams to enforce security baselines
Improve detection and response through MDR and telemetry
Reduce endpoint‑based attack surface and configuration drift
Ensure security controls scale across acquired environments
Data Protection & Insider Risk
Lead data loss prevention (DLP), insider risk, and sensitive data protection efforts
Partner with IT and Legal on data classification and protection strategies
Improve visibility into sensitive data usage and movement
Reduce data exfiltration risk across cloud and endpoint environments
Support investigations and response to insider‑related events
Application & Cloud Security
Improve visibility into SaaS usage and shadow IT
Partner with Technology teams on secure application access and posture
Support future‑state cloud app security capabilities
Ensure security controls align with business workflows, not disrupt them
Incident Response, Monitoring & Operations
Own incident response planning and execution
Partner with SOC / MDR providers to ensure effective detection and response
Lead security investigations and post‑incident remediation
Establish clear runbooks, escalation paths, and communication protocols
Provide executive‑level visibility into incidents, risks, and remediation progress
M&A Security Support
Support security diligence for acquisitions
Assess security posture of acquired entities
Partner with Technology Operations to prioritize remediation
Drive security standardization post‑close without disrupting operations
Required Experience & Skills
6–10+ years in information or technology security roles
Experience operating security in mid‑market or PE‑backed environments
Strong background in:
Identity & Access Management (Entra ID / Azure AD)
Endpoint security and EDR
Microsoft 365 security stack
Incident response and security operations
Ability to balance security requirements with business realities
Experience partnering with IT Operations, Infrastructure, and vendors
Strong communication skills with both technical and non‑technical leaders
Benefits
Employer Paid Life & AD&D
Employer Paid Short- & Long‑term disability
Paid Holidays
401k with employer match
Health, Vision, and Dental insurance
Work Environment
Hybrid Work work schedule in the Chicago, IL.
Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions of the position as described above.
Seniority level
Director
Employment type
Full‑time
Job function
Information Technology
Insurance
#J-18808-Ljbffr