Business Information Security Officer, Director, Claims

Company: Travelers
Location: Hartford, CT 06120 (Clay Arsenal area)

Company Information

Solid reputation, passionate people and endless opportunities. That’s Travelers. Our superior financial strength and consistent record of strong operating returns mean security for our customers – and opportunities for our employees. You will find Travelers to be full of energy and a workplace in which you truly can make a difference.

Job Summary

Drive Information Security program requirements into the Line of Business and monitor compliance. Meet (at minimum) quarterly with Line of Business CIO/team to share key information security initiatives, metrics and standards and gain insight into Line of Business initiatives and activities relevant to information security.

Understand Line of Business vision and strategy to provide input to Information Security for planning purposes. Advocate on behalf of, and partner with as directed, Information Security in the Enterprise rollout and implementation of security tools and enhancements.

Act as Information Security’s liaison to the Line of Business for the Enterprise Information Security training and awareness program. Socialize Security Policies and Standards with applicable line of business technology and business partners and support the exception management process.

Primary Job Duties & Responsibilities

Participate in LOB Architecture Review Meetings to communicate security requirements and identify gaps requiring formal risk assessment and business response. Engage in production readiness activities to ensure compliance with Policies & Standards.

Participate in Line of Business planning events to identify Security impacts in upcoming features and to ensure security requirements/controls are included in the Definition of Done when appropriate. Provide timely Information Security engagement on relevant activities and initiatives.

Provide Line of Business input for consideration to Information Security Identity Access Management SMEs for evolving the Access Management strategy, products, and tools. Work with Line of Business governance and oversight for access entitlement and provisioning processes. Provide governance, oversight and direction to ensure that access recertification processes are in place, appropriately staffed and meet the compliance and risk management needs of the organization.

Provide Line of Business input to application security SMEs for consideration to evolve strategy, products, and tools. Work with LOB teams to resolve issues completing scans, consult on results and appropriate actions to remediate. Provide security consultation and advocacy for enterprise directions that have been set by Information Security.

Provide Line of Business input to threat and vulnerability security SMEs for consideration to evolve strategy, products, and tools. Provide oversight and LOB direction for data loss prevention processes; execute enterprise objectives and ensure Line of Business adoption of open source management and address vulnerability remediation across Line of Business platforms and applications; socialize results of enterprise red team exercises and provide enterprise security LOB support in the handling of security incidents.

Minimum Qualifications

Five years of Technology experience required. One year of experience with leading change management, risk mitigation and/or large-scale IT implementations required.

Education, Work Experience & Knowledge

Eight years of experience in Risk Management or related fields such as Audit, IT Security, or Business Continuity preferred. Bachelor's degree in Technology or a related field preferred. One year of experience leading technical teams preferred.

Job Specific & Technical Skills & Competencies

Technical Knowledge – Advanced: Technical expertise to understand detailed issues around business continuity, security, and overall risk in IT. Able to have enough expertise to drive a solution and solve issues, addressing risk.

Business Knowledge & Partnership – Advanced: Creates an atmosphere where business partners' issues are dealt with professionally, and in a timely manner. Suggests solutions and drives results that make sense and improve the performance of the assigned systems. Ensures customer's perspective is understood to optimize system(s) support of the business goals. Communicates openly and effectively in a manner consistent with the audience. Recognizes the importance of superior quality in providing a competitive edge. Ensures that reports are precise, timely and accurate.

Problem Solving & Decision Making – Advanced: Demonstrates exceptional analytical and diagnostic skills dealing with issues that are loosely defined and/or where information is available but must be further manipulated. Once decisions are made, is able to develop and lead the management plan and direct activities to obtain intended results. Breaks a problem down to manageable pieces and implements effective, timely solutions. Takes input from several sources, decides if all the information needed is available and moves to a decision. Openly and directly confronts conflict until resolved. This role requires strong judgment, reasoning and organizational savvy.

Team Orientation – Advanced: Maintains effective partnerships across the organization and is able to influence senior management, peers and subordinates through an inclusive style and recognition of their abilities and knowledge. Balances team and individual responsibilities. Exhibits objectivity and openness to others' views. Gives and welcomes feedback. Puts success of team above own interest. Leads a distinct business unit or several smaller functions, at times with enterprise scope of responsibilities. Responsibilities are assigned with some latitude for setting priorities and decision-making using established policies and procedures. Provides business partners and/or staff with clarification and direction before proceeding. This role requires expertise in lobbying, influencing without authority, and cross-enterprise integration.

Leadership – Advanced: Supports a distinct business unit or several smaller functions. Responsibilities are assigned with some latitude for setting priorities and decision-making using established policies and procedures. Results are reviewed with next level manager for clarification and direction before proceeding. This role requires expertise in lobbying, influencing without authority, and cross-enterprise integration.

Planning and Project Management – Advanced: Identifies those unit tasks that are most important and maintains a clear sense of priorities and the larger picture. Anticipates and effectively responds to changes in workload and resources.

Licensing or Certificates

B.S. in IT-related discipline or similar degree preferable. Experience with leading change management, risk mitigation and/or large-scale IT implementations preferable. CRISC designation preferred or attained within 2 years.

Equal Employment Opportunity Statement

Travelers is an equal opportunity employer.