Information Security Specialist - IS08DE

We’re determined to make a difference and are proud to be an insurance company that goes well beyond coverages and policies. Working here means having every opportunity to achieve your goals – and to help others accomplish theirs, too. Join our team as we help shape the future.   

         

The Hartford’s Information Protection (THIP) organization is looking for a talented Information Security Specialist to join a high-performing team of cutting-edge cyber professionals. Our Business Security and Governance team provides direct support to our business areas by delivering valued consulting services for security requirements, vendor security assessments, contract reviews, customer inquiry responses and ad-hoc security consulting requests. These security personnel are responsible for governing, managing and delivering on The Hartford’s cybersecurity practices. 

The Information Security Specialist will help to support the direction of our company’s cyber security programs thru, professional support and technical expertise.  The individual shall be aware of basic industry standards such as NIST and ISO, ability to understand government regulations and track emerging cyber threats. In addition, this individual will have a general knowledge regarding security domains such as multifactor authentication, network security and third-party risk Specialist will interface with business segments and vendor partners to understand the services and perform detailed reviews of the security practices of the vendor through questionnaires, interviews, and supporting material. This work culminates with the communication of findings and recommendations based on a risk assessment which balances business priorities against security needs and requirements of the company. 

RESPONSIBILITIES: 

• Support vendor oversight and monitoring programs to identify emerging risks. 
• Perform third-Party Security Assessments to evaluate the security practices and programs to protect The Hartford’s interests. 
• Support business areas in responding to customer inquiries regarding The Hartford’s information security policies, programs and practices. 
• Approve remote access requests for vendor resources, based on diligence performed to ensure appropriate security protocols. 
• Respond to ad-hoc technical security consulting requests, including at times supporting teammates with security-related projects and support services. 
• Maintain awareness of existing and proposed security standards for state/federal regulations regarding information security and data privacy.
• Identify and assesses the technical severity and potential business impacts to classify risks. 
• Communicate post risk assessment findings to internal stakeholders Information Security concepts in a way that consistently drives objective, fact-based decisions. 
• Participate phishing email reviews and assist in security awareness activities.  

Candidate must be authorized to work in the US without company sponsorship. The company will not support the STEM OPT I-983 Training Plan endorsement for this position.

QUALIFICATIONS: 

• Bachelor of Science Degree, in one of the following disciplines: Engineering, Computer Science, Information Security or related field. 
• Minimum of 2 years of work experience in Information Security and/or a closely related function such as threat management, IT Risk, IT Audit, IT Compliance, etc. 
• Knowledge of regulatory compliance and information security management frameworks, including NIST CSF, NIST 800 series, IS0 2700 series, COBIT, etc. 
• Practical experience with risk assessment frameworks, including the BITS Shared Assessments program, Cloud Security Alliance (CSA) and other benchmark approaches. 
• Ability to apply sound judgement in review of third-party risk security rating platforms, 
• Understanding of cloud concepts including the primary cloud service models. 
• General understanding of technical and non-technical controls with a demonstrated ability to assess third parties.  
• Strong organizational skills with the capacity to multi-task on projects with shifting priorities 
• A process-oriented mindset with a professional demeanor and customer-focused support 
• Effective decision-making capabilities with a proven ability to weigh the cost-benefit of potential actions or decisions. 
• Must have excellent written and verbal communication skills. 
• Demonstrated interest in the continuous learning mindset. 
• Ability to demonstrate business ethical conduct in choosing a course of action consistent with The Hartford’s core values. 
• Industry security relative certifications such as, CISSP, CISM, CISA, CRISC, CIPP, CDPSE (preferred or willing to obtain)

Candidates who live near one of our primary locations (Hartford, CT, Charlotte, NC, Columbus, OH, or Chicago, IL) will have the expectation of working in an office 3 days a week (Tuesday through Thursday).

Compensation

The listed annualized base pay range is primarily based on analysis of similar positions in the external market. Actual base pay could vary and may be above or below the listed range based on factors including but not limited to performance, proficiency and demonstration of competencies required for the role. The base pay is just one component of The Hartford’s total compensation package for employees. Other rewards may include short-term or annual bonuses, long-term incentives, and on-the-spot recognition. The annualized base pay range for this role is:

$92,640 - $138,960

Equal Opportunity Employer/Females/Minorities/Veterans/Disability/Sexual Orientation/Gender Identity or Expression/Religion/Age

About Us | Culture & Employee Insights | Diversity, Equity and Inclusion | Benefits