Head of Data Security

Job Title: Head of Data Security

Reporting to: Business Information Security Officer

Direct Reports: None

Position Type: Full time

Why Tokio Marine HCC?

Standing still is not an option in the current world of Insurance. TMHCC is one of the world’s leading Specialty Insurers. With deep expertise in our chosen lines of business, our unparalleled track record and a solid balance sheet, TMHCC evaluates and manages risk like no one else in the industry. Looking beyond profit, empowering our people and delivering on our commitments are at the core of our customer values, along with a desire to grow and provide creative and innovative solutions to our clients.

About Operations

Operations sits at the heart of TMHCC, we ensure the smooth running of all business processes — from policy administration and claims handling to data, technology, and delivery. We focus on driving efficiency which enables our teams across the business to deliver exceptional results every day. Our value statement: Ops makes it happen.

Operations is made up of 7 functions, this role sits within: IT

We are the foundation for TMHCC’s success - enabling the business to grow, compete, and innovate through technology, security, and solution design. From shaping strategy to delivering resilient operations, we ensure every capability is aligned to business value. Our inclusive and collaborative culture empowers everyone to explore ideas, solve meaningful challenges, and build fulfilling careers that make a real impact.

Job Purpose:

Provide strategic and technical leadership for data security across TMHCC International, with a primary focus on preventing data leakage and preparing the enterprise for emerging cryptographic risks, including quantum computing threats. You will report directly to the Business Information Security Officer for the International division of TMHCC and lead cross-disciplinary efforts to drive down risks associated with data security.

Key Responsibilities:

• Lead the organisation’s data security strategy, with ownership of data leakage prevention across systems, platforms, and endpoints.

• Design, implement, and continuously enhance DLP frameworks, controls, and monitoring capabilities.

• Establish governance and controls for data classification, handling, encryption, and secure data lifecycle management.

• Lead the organisation’s approach to quantum cryptography and post-quantum readiness, including risk assessment and roadmap development.

• Evaluate, select, and oversee deployment of advanced cryptographic solutions aligned to current and emerging standards.

• Partner closely with Technology, Architecture, Risk, Legal, and Compliance teams to embed data security by design.

• Monitor emerging threats, regulatory developments, and industry best practices related to data security and cryptography.

• Provide expert guidance on data security incidents, breaches, and investigations.

• Manage relationships with specialist vendors and partners.

Performance Objectives: 

• Establish a clear, organisation-wide data security and DLP strategy, including defined controls, ownership, and reporting.

• Demonstrate measurable reduction in data leakage risk through effective control implementations and provide improved visibility of data risk.

• Deliver a credible quantum-readiness or post-quantum cryptography roadmap, aligned with business risk and regulatory expectations.

Skills and Experience Specification:

Essential:

• Significant experience in senior data security, information security, or cybersecurity leadership roles.

• Deep expertise in data leakage prevention, data classification, encryption, and data lifecycle controls.

• Strong understanding of cryptographic principles, key management, and secure data architectures.

• Experience designing and implementing enterprise-scale DLP solutions across cloud, on-prem, and endpoint environments.

• Proven ability to translate complex technical risks into clear business and executive-level insights.

• Strong stakeholder management skills across technology, risk, and business leadership.

• Relevant professional certifications (e.g. CISSP, CISM, CCSP, or cryptography-focused qualifications).

• Familiarity with emerging standards and guidance (e.g. NIST post-quantum cryptography).

Desirable:

• Practical experience with quantum cryptography, post-quantum cryptography, or cryptographic agility initiatives.

• Experience in regulated industries such as financial services, insurance, or healthcare.

• Experience leading data security incident response and breach investigations.

What We Offer

The Tokio Marine HCC Group of Companies offers a competitive salary and employee benefit package. We are a successful, dynamic organization experiencing rapid growth and are seeking energetic and confident individuals to join our team of professionals.

The Tokio Marine HCC Group of companies is an equal opportunity employer.  Please visit www.tmhcc.com for more information about our companies.

#LI-HJ1