Sr Cloud Engineer - IE07NE

We’re determined to make a difference and are proud to be an insurance company that goes well beyond coverages and policies. Working here means having every opportunity to achieve your goals – and to help others accomplish theirs, too. Join our team as we help shape the future.

Coordinates, communicates, integrates, and is accountable for the overall success of the Governance, Risk & Compliance Program, with a focus on security processes and architecture security design, and ensuring alignment with stakeholders. Ensures Security process lifecycle, audit, compliance & risk management, resiliency management, third party security governance, data protection & privacy governance activities are effectively delivered and enhanced for future.

Job Responsibilities & Competencies

Main Responsibility Areas:

• Partner w/ Cloud Services Architecture, GRC team peers, and others within Cloud Services to create and review policy standards and strategies to ensure procedures and guidelines comply with cybersecurity frameworks, standards & industry benchmarks.

• Participate in security governance process to provide security risks, mitigations, and input on other technical risks.

• Determine the information security approach and operating model in consultation with CBO GRC lead & stakeholders and aligned with the risk management approach and compliance monitoring of risk areas.

• Assessing security controls and their effectiveness based on cybersecurity principles and tenets.

• Provide regular reporting of the security program to relevant stakeholders.

• Understand and interact with related disciplines to ensure the consistent application of policies and standards across all Security Governance, Risk & Compliance Management Services.

• Facilitate security risk, legal and regulatory assessments, including the reporting and oversight of treatment efforts to address negative findings.

• Perform review & analysis with stakeholders to help establish the lessons learnt, create & update new/existing processes & procedures to mature the Security Governance, Risk & Compliance Management Services.

• Support in preparing authorization and assurance documents to confirm that the level of risk is within acceptable limits for each application, system, and network.

• Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.

Develop the Frameworks

• Facilitate a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate decisions for appropriate resource allocation, and increase the maturity of the security, and review it with stakeholders

• Partner w/ GRC Lead to ensure secure architecture and security is built-in by design in security GRC services

Operate the Function

• Oversight of policy standards and strategies to ensure procedures and guidelines comply with cybersecurity frameworks, standards & industry benchmark

• Participate in Risk Governance process to provide security risks, mitigations, and input on other technical risks.

• Review authorization and assurance documents to confirm that the level of risk is within acceptable limits for each application, system, and network.

• Ensure effective delivery for Application Security, Penetration Testing, Secure configuration, Vulnerability Management and Data security projects.

• Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.

• Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance for necessary audit & compliance activities

• Facilitate security risk, legal and regulatory assessments, including the reporting and oversight of treatment efforts to address negative findings.

• Perform review & analysis with stakeholders to help establish the lessons learnt, create & update new/existing processes & procedures to mature the Security Governance, Risk & Compliance Management Services.

Qualifications

Key Competencies:

• Ability to develop policy, plans, and strategy in compliance with laws, regulations, policies, and standards in support of organizational cyber activities.

• Sound knowledge of security risk management and cybersecurity technologies.

• Poise and ability to act calmly and competently in high-pressure, high-stress situations

• Must be a critical thinker, with strong problem-solving skills

• Excellent stakeholder management skills

• High level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity

• Perform risk analysis (e.g., threat, vulnerability, and the probability of occurrence)

• Promote awareness of security issues among management

• Knowledge and understanding of relevant legal and regulatory requirements

• Excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives

• Project management skills: financial/budget management, scheduling and resource management

• Ability to motivate to achieve tactical and strategic goals

• A master of influencing entities and decisions in situations where no formal reporting structures exist, but achieving the desirable outcome is vital

• Knowledge of Vulnerability Management, Penetration Testing principles, Secure configuration and Application Security tools, and techniques.

• Knowledge Management, innovation & skills improvement

• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels

This role will have a Hybrid work schedule, with the expectation of working in an office (Columbus, OH, Chicago, IL, Hartford, CT or Charlotte, NC) 3 days a week (Tuesday through Thursday).

Candidates must be authorized to work in the US without company sponsorship. The company will not support the STEM OPT I-983 Training Plan endorsement for this position.

Compensation

The listed annualized base pay range is primarily based on analysis of similar positions in the external market. Actual base pay could vary and may be above or below the listed range based on factors including but not limited to performance, proficiency and demonstration of competencies required for the role. The base pay is just one component of The Hartford’s total compensation package for employees. Other rewards may include short-term or annual bonuses, long-term incentives, and on-the-spot recognition. The annualized base pay range for this role is:

$136,000 - $204,000

Equal Opportunity Employer/Females/Minorities/Veterans/Disability/Sexual Orientation/Gender Identity or Expression/Religion/Age

About Us (https://www.thehartford.com/about-us) | Culture & Employee Insights (https://www.thehartford.com/careers/employee-stories) | Diversity, Equity and Inclusion (https://www.thehartford.com/about-us/corporate-diversity) | Benefits (https://www.thehartford.com/careers/benefits)

Human achievement is at the heart of what we do.

We believe that with the right encouragement and support, people are capable of achieving amazing things.

We put our belief into action by ensuring individuals and businesses are well protected, and by going even further – making an impact in ways that go beyond an insurance policy.

Nearly 19,000 employees use their unique talents in careers that span a variety of disciplines – from developing the latest technology to creating and promoting our products to evaluating future financial risks.

We’re also committed to programs that drive education and support volunteerism, which put human beings first. We do it because it’s the right thing to do, and because when our customers, communities and employees succeed, we all do.

About Us (https://www.thehartford.com/about-us)

Culture & Employee Insights (https://www.thehartford.com/careers/employee-stories)

Diversity, Equity and Inclusion (https://www.thehartford.com/about-us/corporate-diversity)

Benefits (https://www.thehartford.com/careers/benefits)

Legal Notice (https://www.thehartford.com/legal-notice)

Accessibility StatementProducer Compensation (https://www.thehartford.com/producer-compensation)

EEO

Privacy Policy (https://www.thehartford.com/online-privacy-policy)

California Privacy Policy

Your California Privacy Choices (https://www.thehartford.com/data-privacy-opt-out-form)

International Privacy Policy

Canadian Privacy Policy (https://www.thehartford.com/canadian-privacy-policy)

Unincorporated Areas of LA County, CA (Applicant Information)