Senior Security and Compliance Analyst

Warning: Fraudulent Job Adverts Beware of fraudulent activities claiming to represent Insurify. We are not associated with any entities soliciting personal information or payment. The safety of our job seekers is a top priority, and we actively work to prevent such incidents. Insurify will never request sensitive information or payment during the hiring process. Be cautious of text-only interviews, interviews conducted through Microsoft Teams, or suspicious offer letters. 

Why us? 

Insurify is one of America’s fastest-growing MIT FinTech startups and has been recognized as one of Inc. 5,000’s fastest-growing private companies in America in 2025, 2024, 2023, 2022 and 2021, Forbes Fintech 50 List for 2023, 2022, and 2021, Forbes Next Billion Dollar Startups of 2022 global and Top 100 InsurTech company. We’re changing the way millions of people compare, buy and manage insurance with artificial intelligence, technology, and superior product design.

Our company vision is to be recognized as the preeminent and most trusted digital agent for insurance comparison, purchase, and management. Our team is critical to achieving our vision and fostering the right culture is essential to our team’s success.

• $1.3 Trillion market opportunity
• MIT alumni founders
• Female-led startup
• $130M total funding
• Strong leadership team with experience from many successful startups around the world

Insurify is hiring a Senior Security and Compliance Analyst to help design and enforce security controls to protect systems, data, and infrastructure while ensuring alignment with regulatory and industry standards. This role will be working cross functionally across the org on long-term projects as Insurify continues to scale.

This is a hybrid position that requires candidates to be able to come into our Cambridge, MA office.

• Align security practices with external regulations, internal policies, and security frameworks (e.g., NIST CSF, PCI).
• Conduct risk assessments and threat/vulnerability analyses across systems and networks.
• Recommend, implement, and validate security controls and best practices to reduce risk.
• Continuously monitor systems for threats and validate the effectiveness of implemented controls.
• Develop, maintain, and socialize security policies, standards, and procedures. 
• Develop incident response planning and manage post-incident reviews.
• Maintain the security and compliance automation platform.
• Monitor evolving threats, regulations, and industry trends to continually enhance the security program.
• Present findings and recommendations to technical and executive stakeholders.

• Associate's or bachelor's degree in computer science or a related field.
• 3+ years of relevant experience.
• Expertise with enterprise IT, cloud infrastructure, common threats, and core security tools.
• Working knowledge of frameworks such as NIST CSF and PCI for risk and capability mapping.
• Understanding of data privacy laws and industry-specific regulations.
• Clear, concise communication of complex technical risk to both technical and executive audiences.