The Hartford
Overview
Information Security Senior Specialist - IS07EE We’re determined to make a difference and are proud to be an insurance company that goes well beyond coverages and policies. Working here means having every opportunity to achieve your goals – and to help others accomplish theirs, too. Join our team as we help shape the future. Technology Risk Senior Specialist We are looking for a Technology Risk Senior Specialist within the First Line of Defense, dedicated to ensuring sound governance, oversight and execution of IT risk and controls across the technology organization. This will be a highly visible position that will partner with business and IT teams to advise on IT risk and controls. This individual exhibits a deep understanding of the line of business including applicable systems, tools, policies, and procedures and are adept at identifying gaps and deficiencies. This role will be responsible for influencing the risk culture and providing risk oversight activities will include risk identification, control design and evaluation, and completion of risk and control self-assessments. This role will have a Hybrid work schedule, with the expectation of working in an office (Columbus, OH, Chicago, IL, Hartford, CT, Charlotte, NC, or NYC) 3 days a week (Tuesday through Thursday).
Responsibilities
Understand and apply the enterprise policies, standards and framework for governance, risk & compliance
Execute based on the Enterprise Risk Management standard on how to identify, assess, mitigate, monitor, test and report on risks and controls
Perform control analysis and design and validate key controls are operating effectively and mitigate risks identified in the enterprise risk register
Provide Issue management oversight, analysis, and remediation support Conduct Technology Risk Assessments, Risk & Control Self-assessment (RCSA) in partnership with risk owners
Engage at all levels of the organization to organize, drive, and communicate results and partner with Second Line of Defense (SLOD) and Internal audit on risk related topics
Make risk-based decisions and trade-offs impacting annual investment strategies and project prioritization
Build and analyze metrics to measure risk and make informed decisions
Integrate into technology areas to perform risk analysis and consultation
Partner with Application, Data and Data Science leaders to manage and reduce risk
Provide Risk Consulting and Risk prevention guidance
Support SOX/SOC & PCI engagements
Qualifications
Bachelor’s degree in Computer Science, Engineering, or Information Management Systems
7+ years of experience in IT/Technology/Information Security Internal Audit or Compliance experience with exposure to financial products and services, banking industry, e-commerce or a Big-4 audit environment preferred.
Utilize a deep understanding of risk management methodologies, frameworks, and principles (e.g., SOX, COBIT, NIST, CSA, ITIL, PCI, GDPR, etc.) to evaluate and recommend best approach to mitigating risk with best-in-class controls.
Operate in a fast-paced environment and able to handle several simultaneous projects and tasks while demonstrating urgency and ownership to drive issues to completion.
Possess strong oral and written communication skills along with refined presentation skills and the ability to work with other departments and varying levels of management, including senior leadership.
Have strong ability to be detail oriented, deadline driven, and organized with minimum direction and possess a high drive for results.
Certifications a plus (CRISC, CISA, CISSP, CISM, etc.)
Candidate must be authorized to work in the US without company sponsorship. The company will not support the STEM OPT I-983 Training Plan endorsement for this position.
Compensation The listed annualized base pay range is primarily based on analysis of similar positions in the external market. Actual base pay could vary and may be above or below the listed range based on factors including but not limited to performance, proficiency and demonstration of competencies required for the role. The base pay is just one component of The Hartford’s total compensation package for employees. Other rewards may include short-term or annual bonuses, long-term incentives, and on-the-spot recognition. The annualized base pay range for this role is:
$116,400 - $174,600
Equal Opportunity Employer/Sex/Race/Color/Veterans/Disability/Sexual Orientation/Gender Identity or Expression/Religion/Age
About Us | Our Culture | What It’s Like to Work Here | Perks & Benefits
#J-18808-Ljbffr
Information Security Senior Specialist - IS07EE We’re determined to make a difference and are proud to be an insurance company that goes well beyond coverages and policies. Working here means having every opportunity to achieve your goals – and to help others accomplish theirs, too. Join our team as we help shape the future. Technology Risk Senior Specialist We are looking for a Technology Risk Senior Specialist within the First Line of Defense, dedicated to ensuring sound governance, oversight and execution of IT risk and controls across the technology organization. This will be a highly visible position that will partner with business and IT teams to advise on IT risk and controls. This individual exhibits a deep understanding of the line of business including applicable systems, tools, policies, and procedures and are adept at identifying gaps and deficiencies. This role will be responsible for influencing the risk culture and providing risk oversight activities will include risk identification, control design and evaluation, and completion of risk and control self-assessments. This role will have a Hybrid work schedule, with the expectation of working in an office (Columbus, OH, Chicago, IL, Hartford, CT, Charlotte, NC, or NYC) 3 days a week (Tuesday through Thursday).
Responsibilities
Understand and apply the enterprise policies, standards and framework for governance, risk & compliance
Execute based on the Enterprise Risk Management standard on how to identify, assess, mitigate, monitor, test and report on risks and controls
Perform control analysis and design and validate key controls are operating effectively and mitigate risks identified in the enterprise risk register
Provide Issue management oversight, analysis, and remediation support Conduct Technology Risk Assessments, Risk & Control Self-assessment (RCSA) in partnership with risk owners
Engage at all levels of the organization to organize, drive, and communicate results and partner with Second Line of Defense (SLOD) and Internal audit on risk related topics
Make risk-based decisions and trade-offs impacting annual investment strategies and project prioritization
Build and analyze metrics to measure risk and make informed decisions
Integrate into technology areas to perform risk analysis and consultation
Partner with Application, Data and Data Science leaders to manage and reduce risk
Provide Risk Consulting and Risk prevention guidance
Support SOX/SOC & PCI engagements
Qualifications
Bachelor’s degree in Computer Science, Engineering, or Information Management Systems
7+ years of experience in IT/Technology/Information Security Internal Audit or Compliance experience with exposure to financial products and services, banking industry, e-commerce or a Big-4 audit environment preferred.
Utilize a deep understanding of risk management methodologies, frameworks, and principles (e.g., SOX, COBIT, NIST, CSA, ITIL, PCI, GDPR, etc.) to evaluate and recommend best approach to mitigating risk with best-in-class controls.
Operate in a fast-paced environment and able to handle several simultaneous projects and tasks while demonstrating urgency and ownership to drive issues to completion.
Possess strong oral and written communication skills along with refined presentation skills and the ability to work with other departments and varying levels of management, including senior leadership.
Have strong ability to be detail oriented, deadline driven, and organized with minimum direction and possess a high drive for results.
Certifications a plus (CRISC, CISA, CISSP, CISM, etc.)
Candidate must be authorized to work in the US without company sponsorship. The company will not support the STEM OPT I-983 Training Plan endorsement for this position.
Compensation The listed annualized base pay range is primarily based on analysis of similar positions in the external market. Actual base pay could vary and may be above or below the listed range based on factors including but not limited to performance, proficiency and demonstration of competencies required for the role. The base pay is just one component of The Hartford’s total compensation package for employees. Other rewards may include short-term or annual bonuses, long-term incentives, and on-the-spot recognition. The annualized base pay range for this role is:
$116,400 - $174,600
Equal Opportunity Employer/Sex/Race/Color/Veterans/Disability/Sexual Orientation/Gender Identity or Expression/Religion/Age
About Us | Our Culture | What It’s Like to Work Here | Perks & Benefits
#J-18808-Ljbffr