Travelers Director, Cyber Risk Control in Des Moines, Iowa
Taking care of our customers, our communities and each other. That’s the Travelers Promise. By honoring this commitment, we have maintained our reputation as one of the best property casualty insurers in the industry for over 160 years. Join us to discover a culture that is rooted in innovation and thrives on collaboration. Imagine loving what you do and where you do it.
Job Description Summary
Reporting directly to the Enterprise Cyber Lead, this position provides subject matter expertise on cyber threats, cyber security, and emerging cyber technology to Product Management, Underwriting, Claims, and other teams across the Travelers enterprise. This position also provides cyber risk control resources to help Travelers insureds understand and mitigate cyber risks.
Primary Job Duties & Responsibilities
Provide detailed and accurate cyber risk assessments in a timely manner. Also, responsible for evaluating higher risk applicants and or participating in client/applicant visits and discussions.
Identification and analysis of existing and emerging cyber threats, communication of threats to enterprise SLT.
Direct involvement in claim investigations of large scale cybercrime related loses including events involving computer hacking, malware, and funds transfer thefts. Provide support to litigation teams involved with first party subrogation and/or third party liability defense.
Proactive identification of losses involving cybercrime using judgment and discretion to selectively devote resources to those which could have intelligence benefits to the development of cyber insurance products and services.
Working with TIS, coordination of efforts with law enforcement and the Travelers Prosecution Program, for pursuit of criminal prosecution of parties identified as being responsible for customer incurred losses, along with coordination of restitution through the criminal conviction process.
Provide specialized digital forensic support to insurance fraud investigations including utilizing state of the art techniques that enable the recovery and use of critical electronic evidence for litigation, investigations and other fact-finding initiatives.
Participates on cyber CAT team in the development of response model for a cyber CAT event. Will participate on the response team and coordinate efforts with the Digital forensic lab and other enterprise business units to respond to a cyber CAT event.
Development of training and education programs for internal use related to cyber risks, emerging threats, and investigative techniques and methods.
Provide enhanced client stewardship including training and education, high level evaluation of client’s vulnerabilities and or gaps in their cyber risk management, and emerging threat reporting to aid in breach prevention.
Bachelor’s Degree in computer science, engineering, or related field.
Five years’ experience in Incident Response, IT Risk Management, Cybersecurity, or other applicable information security disciplines.
Certification in or advanced knowledge of industry standards/regulations (NIST, ISO, PCI-DSS, GDPR, HIPAA, SOX, etc.) and identification and analysis of existing and emerging cyber threats.
Experience managing and or developing cyber, IT, ICS or Information Security controls.
Experience of overseeing or conducting independent risk assessments, business process, IT, or ICS control auditing
One industry standard information security certifications required (e.g., CISSP, CRISC, CISA, CSX, CFE, PCI); multiple certifications preferred.
Education, Work Experience, & Knowledge
All Enterprise Individual Contributor Competencies plus:
Advanced expertise in forensic investigations, cyber risk assessments, cyber risk controls, tools and industry best practices related to information and network security.
Advanced knowledge of IoT and ICS systems, controls and security best practices.
Advanced knowledge of data privacy laws and regulations including PCI-DSS, HIPPA, and other statutes protecting consumer identity information.
Advanced Knowledge of Liability, Bond, & Property coverage pertaining to Cyber insurance products.
Intermediate experience with budgeting, expense management, business plan development, strategic planning, employee development and policy and procedure development and management.
Advanced ability to coordinate, work with and gain the trust of business partners, technical resources, third-party vendors and customers.
Advanced ability to interact on a multidisciplinary team with other investigators, business partners and industry peers on projects related to ICS and information/network security.
Advanced written and verbal communication skills are required.
Advanced level of public speaking abilities as a subject matter expert on basic and advanced information and network security, basic, advanced and emerging cyber threats, and other related topics.
Advanced ability to communicate effectively with business partners, technology specialists, third party vendors, and customers.
Environmental / Work Schedules / Other
- Travel Requirements: Travel Occasionally
Travelers is an equal opportunity employer. We value the unique abilities and talents each individual brings to our organization and recognize that we benefit in numerous ways from our differences.
If you have questions regarding the physical requirements of this role, please send us an email (TAPHYREQ@travelers.com) so we may assist you.
Travelers reserves the right to fill this position at a level above or below the level included in this posting.
- Travelers Jobs