Job Description
Manager Information Security - IS07CE We’re determined to make a difference and are proud to be an insurance company that goes well beyond coverages and policies. Working here means having every opportunity to achieve your goals – and to help others accomplish theirs, too. Join our team as we help shape the future. We are seeking an experienced Technology Risk Manager with expertise in Cybersecurity and Vulnerability Management to oversee and mature our First Line Technology Risk program. This role will serve as a key risk partner to Technology, Cybersecurity, and Governance teams, ensuring security risks are identified and prioritized in alignment with the organization’s risk appetite. The ideal candidate brings a strong background in formal risk management, executive‑level communication, and cross‑functional partnership across the three lines of defense. Insurance or financial services experience is highly desirable. Why Join Us? This role offers the opportunity to shape and influence enterprise‑wide cybersecurity risk outcomes, partner with senior leaders, and play a critical role in protecting the organization while enabling business and technology innovation. Key Responsibilities Oversee the enterprise Vulnerability Management Risk Program, ensuring effective governance, prioritization, and risk‑based decision‑making Partner with technology and cybersecurity owners to review findings, validate risk severity, develop remediation plans, and manage risk acceptances Track, analyze, and report key risk indicators (KRIs), metrics, and trends, delivering clear, actionable insights to senior leadership and executive stakeholders Ensure cybersecurity risk management practices align with industry frameworks and regulatory expectations (e.g., NIST, ISO, FAIR, COBIT) Act as a liaison to 2nd line (Enterprise Risk Management, Compliance) and 3rd line (Internal Audit) teams, supporting risk assessments, exams, and audits Drive continuous improvement of risk processes, tooling, metrics, and governance to enhance cybersecurity risk posture Support risk‑based decision making by facilitating risk acceptances, exceptions, and remediation timelines in alignment with risk appetite This role will have a Hybrid work schedule, with the expectation of working in an office (Columbus, OH or Hartford, CT) 3 days a week (Tuesday through Thursday). Required Qualifications 5+ years of formal Technology Risk or Cybersecurity Risk Management experience Strong background in Cybersecurity and Vulnerability Management, including vulnerability lifecycle management and risk prioritization Strong understanding of controls and risks aligned to Identity and Access Management, Cyber Operations, Data security, Cloud Security, and Gen AI Security Demonstrated experience partnering with technology, infrastructure, application, and cloud teams Proven ability to communicate complex technical risk concepts to non‑technical and executive audiences Experience developing and reporting risk metrics, dashboards, and executive‑level reporting Solid understanding of risk management frameworks and standards (e.g., NIST CSF, NIST 800‑53, ISO 27001, FAIR, COBIT) Experience operating within a three lines of defense model Strong leadership, influence, and stakeholder management skills Preferred Qualifications Insurance industry or broader financial services experience Prior experience supporting regulatory exams, internal audits, and external assessments Experience leveraging automation and AI to improve cyber risk management processes, including risk identification, assessment, monitoring, and reporting. Familiarity with vulnerability scanning tools and risk governance platforms Experience with risk frameworks and formal risk documentation Relevant certifications such as CISSP, CISM, CRISC, or CISA Experience operating in large, complex, or highly regulated enterprise environments Candidate must be authorized to work in the US without company sponsorship. The company will not support the STEM OPT I-983 Training Plan endorsement for this position. Compensation The listed annualized base pay range is primarily based on analysis of similar positions in the external market. Actual base pay could vary and may be above or below the listed range based on factors including but not limited to performance, proficiency and demonstration of competencies required for the role. The base pay is just one component of The Hartford’s total compensation package for employees. Other rewards may include short-term or annual bonuses, long-term incentives, and on-the-spot recognition. The annualized base pay range for this role is: $126,800 - $190,200 Equal Opportunity Employer/Sex/Race/Color/Veterans/Disability/Sexual Orientation/Gender Identity or Expression/Religion/Age About Us | Our Culture | What It’s Like to Work Here | Perks & Benefits Every day, a day to do right. Showing up for people isn’t just what we do. It’s who we are – and have been for more than 200 years. We’re devoted to finding innovative ways to serve our customers, communities and employees—continually asking ourselves what more we can do. Is our policy language as simple and inclusive as it can be? Can we better help businesses navigate our ever-changing world? What else can we do to destigmatize mental health in the workplace? Can we make our communities more equitable? That we can rise to the challenge of these questions is due in no small part to our company values that our employees have shaped and defined. And while how we contribute looks different for each of us, it’s these values that drive all of us to do more and to do better every day. About Us Our Culture What It’s Like to Work Here Perks & Benefits Legal Notice Accessibility Statement Producer Compensation EEO Privacy Policy California Privacy Policy Your California Privacy Choices International Privacy Policy Canadian Privacy Policy Unincorporated Areas of LA County, CA (Applicant Information) MA Applicant Notice Hartford India Prospective Personnel Privacy Notice
Apply tot his job
Apply To this Job