Acrisure operates a fintech platform that handles insurance, employee benefits, and financial services for millions of clients across 24 countries - including one out of every 19 U.S. businesses. The company runs cybersecurity and managed IT offerings as part of that portfolio, alongside payroll, mortgages, and reinsurance products. The platform ingests hundreds of billions of data points to feed AI-driven decisioning across these verticals, and the security team has to defend that data surface at scale.
The threat model here is straightforward: highly regulated financial and insurance data flowing through systems that touch enterprise HR, payment rails, and third-party integrations. The company holds SOC 2, ISO 27001, PCI-DSS, and SOX attestations, which means continuous evidence collection and control validation. Security architecture runs on Microsoft M365 infrastructure, with NIST frameworks guiding baseline posture. The technical reality is building and maintaining detective and preventive controls across a sprawling SaaS environment where compliance scope never stops expanding.
The cybersecurity function sits inside a 19,000-employee organization that has grown at a 45 percent compound rate since 2013 - nearly $5 billion in annual revenue now. That growth trajectory means constant M&A integration, legacy system rationalization, and identity management at the edges. The work involves operationalizing secure-by-design patterns for AI pipelines, locking down data exfiltration paths, and keeping vendor risk programs current as the client base scales globally.