Technology Risk & Security Officer II

Who Are We?
Taking care of our customers, our communities and each other. That's the Travelers Promise. By honoring this commitment, we have maintained our reputation as one of the best property casualty insurers in the industry for over 160 years. Join us to discover a culture that is rooted in innovation and thrives on collaboration. Imagine loving what you do and where you do it.

Compensation Overview
The annual base salary range provided for this position is a nationwide market range and represents a broad range of salaries for this role across the country. The actual salary for this position will be determined by a number of factors, including the scope, complexity and location of the role; the skills, education, training, credentials and experience of the candidate; and other conditions of employment. As part of our comprehensive compensation and benefits program, employees are also eligible for performance-based cash incentive awards.

Salary Range
$117,200.00 - $193,400.00

Target Openings
1

What Is the Opportunity?
At Travelers, Our Risk & Security Officers assess internal and external cyber and tech risks and design, test, and monitor the operational effectiveness of cyber and tech controls at Travelers and key third parties. They identify opportunities to improve cyber and tech posture, assist in recommending and prioritizing risk-based remediations, and monitor and report completion. Risk & Security Officers provide assurance of internal governance practices and training and awareness of cyber and tech policy changes. As an Risk & Security Officer II, you are the point person for an assigned business area and/or enterprise function that identifies and analyzes multiple processes for cyber and tech risks. You will assess the associated controls for design and operational effectiveness. You will communicate the results of your work with business customers and, if applicable, third-party contacts. Leveraging your technical expertise, you will effectively convey the risk and business implications of any observations and make recommendations to enhance controls or processes. You will lead projects that have impacts across the department and enterprise.
What Will You Do?

• Influence reduction of risk as part of our Third Party Risk Management program.
• Perform assessment of technology controls and provide recommendations to appropriate stakeholders should improvement opportunities be identified.
• Owns a portfolio and/or business area which includes the review and work assignments for risk, policy, and/or cyber risk posture; analyze and assign cyber risk posture for more complex risks.
• Make recommendations for process improvement within assigned lines of business.
• Strategically lead risk discussions across portfolio and drive standardized cyber and tech control processes and procedures.
• Recommend cyber and tech controls across multiple third party platforms (i.e., cloud, network, and endpoint control fundamentals) to create a solution that assures risk mitigation.
• May coordinate efforts to enable solution across lines of business for enterprise benefit.
• Identify trends and areas of improvement.
• Proactively identify cyber and tech risks and areas of non-compliance and recommend solutions.
• Educate and train business partners on risks and compliance concepts.
• Perform other duties as assigned.

What Will Our Ideal Candidate Have?

• Degree in Computer Science, Technology Auditing, or related field.
• 5 years' experience in a risk management, audit, computer networking, network security or related role.
• COMPTIA, Security+, CRISC, CISSP, CISA or related cyber certification and/or pursuing a CISSP designation.
• Knowledge of compliance concepts (i.e., PII, GDPR, PIPIDA, PCI DSS, FTC) in order to apply them to real world problems and identify gaps.
• Deep technical knowledge of key security frameworks and assessments (SIG, SANS, NIST, PCI, SOC2, COBIT, SOX, ISO2700) and security principles and methods.
• In-depth understanding of Cloud, Network, Endpoint (etc.) controls and how the controls inter-play within a control environment.
• Excellent communication skills with the ability to consult on projects and present information effectively.
• Ability to manage multiple projects simultaneously and follow through to ensure timely completion.

What is a Must Have?

• Bachelor's degree or its equivalent in work experience.
• 3 years of audit, technology, cyber, or related work experience.

What Is in It for You?

• Health Insurance: Employees and their eligible family members - including spouses, domestic partners, and children - are eligible for coverage from the first day of employment.
• Retirement: Travelers matches your 401(k) contributions dollar-for-dollar up to your first 5% of eligible pay, subject to an annual maximum. If you have student loan debt, you can enroll in the Paying it Forward Savings Program. When you make a payment toward your student loan, Travelers will make an annual contribution into your 401(k) account. You are also eligible for a Pension Plan that is 100% funded by Travelers.
• Paid Time Off: Start your career at Travelers with a minimum of 20 days Paid Time Off annually, plus nine paid company Holidays.
• Wellness Program: The Travelers wellness program is comprised of tools, discounts and resources that empower you to achieve your wellness goals and caregiving needs. In addition, our mental health program provides access to free professional counseling services, health coaching and other resources to support your daily life needs.
• Volunteer Encouragement: We have a deep commitment to the communities we serve and encourage our employees to get involved. Travelers has a Matching Gift and Volunteer Rewards program that enables you to give back to the charity of your choice.

Employment Practices
Travelers is an equal opportunity employer. We value the unique abilities and talents each individual brings to our organization and recognize that we benefit in numerous ways from our differences.

In accordance with local law, candidates seeking employment in Colorado are not required to disclose dates of attendance at or graduation from educational institutions.

If you are a candidate and have specific questions regarding the physical requirements of this role, please send us an so we may assist you.

Travelers reserves the right to fill this position at a level above or below the level included in this posting.

To learn more about our comprehensive benefit programs please visit .