Information Security Risk Specialist
Under general supervision, this position: Works with Risk Control, Underwriting, and Claim Services to provide advanced technical expertise in the prevention and investigation of large-scale losses involving data-breaches, information security incidents, and cybercrime. Aids in the evaluation of technical risk exposures for customers applying for cyber insurance. Provides subject matter expertise to strategic enterprise efforts involving cyber insurance including training, vendor partnerships, marketing, and other areas. This job does not manage staff.
Primary Job Duties & Responsibilities
Provides expertise, consults, and advisement to cyber insurance underwriters during the technical evaluation of information security risks including meeting with leadership and security professionals of organizations seeking cyber insurance. Works closely across Risk Control to develop white papers, advisories and best practices on the subject of information security protocols and controls. Aids claim professionals in the investigation of cybercrime and information security related losses including interactions with external digital forensics firms and data privacy law firms. On a post loss basis, interprets and learns from information security control failures that contributed to customer losses. Maintains an expert understanding of the cybercrime environment and investigative techniques for losses involving computer hacking, malware, and funds transfer thefts. Maintains an expert understanding of information security technology, best practices, and common control failures. Collects and analyses cybercrime intelligence internally from the claim population as well as externally. Assists in the identification and communication of trends, makes recommendations to business partners in areas involving cyber and technology-related threats. As a subject matter expert, assists in strategic enterprise efforts involving cyber insurance including training, vendor partnerships, marketing, and other areas. Other duties as assigned.
Five years’ experience in computer forensics, incident response, or information security disciplines required Industry standard information security certification(s) or equivalent experience involving information security risk evaluation and controls is required. Examples include EC-Council Certified Ethical Hacker, various Global Information Assurance Certifications (GIAC), and Payment Card Industry Qualified Security Assessor
Education, Work Experience & Knowledge
Bachelor’s Degree in computer science, information security, engineering, or related field preferred Working experience in two or more of the following preferred: software development, malware analysis, the development of information security controls, data breach incident response, penetration testing / technical risk assessment
Operates standard office equipment (Frequently) Sitting (Can stand at will) (Frequently) Standing (Frequently) Use of Keyboards, Sporadic 10-Key (Frequently)
Equal Employment Opportunity Statement
Travelers is an equal opportunity employer.
In fact, from the first ever auto and space travel policies and hybrid car discount, to the 2009 founding of The Travelers Institute for public policy, our history of advancements has propelled our company—and our industry—towards ever higher standards for customers.
Today, more than 150 years after our founding, Travelers is one of the nation's largest property casualty companies. A component of the Dow Jones Industrial Average, Travelers has more than 30,000 employees, 13,000 independent agents and multiple market segments across the personal, business, financial and international insurance groups. Travelers has operations in the United States, United Kingdom, Canada, Lloyd’s of London, and the Republic of Ireland. In Brazil, the company also has a joint venture partnership with JMalucelli, Brazil’s market leader in surety.
Minimizing risk, preventing loss and helping our customers prepare for the unknown, Travelers' comprehensive products, services and support give individuals and businesses the confidence they need to feel secure.
Company Type: Public Company
Company Size: 10,001+