"Alerted.org

Information Security Senior Specialist - IS07EE

We’re determined to make a difference and are proud to be an insurance company that goes well beyond coverages and policies. Working here means having every opportunity to achieve your goals – and to help others accomplish theirs, too. Join our team as we help shape the future.

The Hartford’s Information Protection (THIP) organization is seeking an experienced IT security professional to join a high-performing team responsible for governing, managing and delivering our company’s cybersecurity defenses. As a Sr. Security Specialist, the selected candidate will have the opportunity to influence the strategic direction of our company’s cyber security programs by providing thought leadership, professional support, and valued contributions to a range of activities. Ideal candidates will have strong technical skills across various security technologies, working knowledge of security incident response protocols, monitoring security technologies in an enterprise environment and an awareness of emerging cyber threats and trends.

This role within our Threat Management team will provide level 2 and level 3 Security Operations Center (SOC) and incident response escalation support for The Hartford’s Incident Response (IR) team including threat hunting responsibilities. The candidate will collaborate and have significant interaction with The Hartford’s SOC. This position plays a critical role in detecting and responding to potential security incidents while helping to improve The Hartford’s incident response capabilities.

This position is responsible for performing day to day detection, triaging and responding to security incidents leveraging Hartford security information and event management technologies (SIEM). Specifically, this role has responsibilities for:

+ Reviewing the on premise SIEM platform daily to detect potential security events, primarily to review, vet and triage L1 escalated events.

+ Providing support during standard business hours, as well as participating in a rotational, 24/7 on-call escalation schedule.

+ Perform analysis of logged security correlations and of event data from next-gen firewalls, endpoint security, packet capture, web proxies and other network and security technologies. Performing triage and investigation on incidents to determine risk level and remediation

+ Review sourced vendor threat intelligence reports and conduct hunts in relevant technologies

+ Using enterprise security technologies to continuously monitor the company’s assets, conduct technical analysis of network traffic to identify anomalies and taking actions to respond to potential vulnerabilities and threats.

+ Escalation of priority incidents to infrastructure, security, and other internal teams as necessary

+ Providing input to improve detection content and supporting the overall monitoring, detecting and cybersecurity incident response activities

+ Identifying incidents through proactive “hunting” analysis of security-relevant data sets

+ Taking an active role in supporting broader Security Incident Response protocols, including partnering with other technology areas to respond and recover in a coordinated and timely manner.

This role will have a Hybrid work schedule, with the expectation of working in an office (Hartford, CT or Charlotte, NC) 3 days a week (Tuesday through Thursday).

QUALIFICATIONS:

+ 3+ years of work experience in Information Security and Threat Management disciplines

+ 4+ years in similar technical roles, such as those working with networking, client and server management.

+ Experience in monitoring hybrid cloud environments is desired. (AWS, GCP, Azure, Microsoft M365)

+ Experience in NGAV and EDR tooling (Carbon Black / CrowdStrike / SentinelOne / MS Defender)

+ Experience writing search queries and navigating current and modern SIEM technologies

+ Experience using/querying TIPs (Threat Intelligence Platforms).

+ Knowledge of attack vectors (malware, web application, social engineering, etc.)

+ Understanding of behavior and capabilities of malware and identifying indicators of compromise and usage of sandboxing technologies or services.

+ Knowledge of various security methodologies and processes, and technical security solutions (firewall, packet analysis, SIEM, endpoint detection and response and intrusion detection systems)

+ Demonstrated experience in effectively partnering across organizational teams, working collaboratively with professionals that support end-user services, network technologies, cloud computing, infrastructure, and applications.

+ An ability to identify and assess the severity and potential impact of threats and communicate assessment findings in a way that consistently drives objective, fact-based decisions.

+ Strong decision-making capabilities with a proven ability to weigh relative business impacts against the importance of security measures.

+ A willingness to continuously learn and develop skills commensurate to this role and other potential growth opportunities within and across the organization.

+ Industry recognized certifications: ISC2, GIAC, ISACA certifications are preferred.

+ College degree in Computer Science, Information Security, Engineering, related field, or equivalent experience.

Candidate must be authorized to work in the US without company sponsorship. The company will not support the STEM OPT I-983 Training Plan endorsement for this position.

Compensation

The listed annualized base pay range is primarily based on analysis of similar positions in the external market. Actual base pay could vary and may be above or below the listed range based on factors including but not limited to performance, proficiency and demonstration of competencies required for the role. The base pay is just one component of The Hartford’s total compensation package for employees. Other rewards may include short-term or annual bonuses, long-term incentives, and on-the-spot recognition. The annualized base pay range for this role is:

$116,400 - $174,600

Equal Opportunity Employer/Sex/Race/Color/Veterans/Disability/Sexual Orientation/Gender Identity or Expression/Religion/Age

About Us (https://www.thehartford.com/about-us) | Our Culture (https://www.thehartford.com/about-us/corporate-culture) | What It’s Like to Work Here (https://www.thehartford.com/careers/our-employees) | Perks & Benefits (https://www.thehartford.com/careers/benefits)

Every day, a day to do right.

Showing up for people isn’t just what we do. It’s who we are – and have been for more than 200 years. We’re devoted to finding innovative ways to serve our customers, communities and employees—continually asking ourselves what more we can do.

Is our policy language as simple and inclusive as it can be? Can we better help businesses navigate our ever-changing world? What else can we do to destigmatize mental health in the workplace? Can we make our communities more equitable?

That we can rise to the challenge of these questions is due in no small part to our company values that our employees have shaped and defined.

And while how we contribute looks different for each of us, it’s these values that drive all of us to do more and to do better every day.

About Us (https://www.thehartford.com/about-us)

Our Culture

What It’s Like to Work Here (https://www.thehartford.com/careers/our-employees)

Perks & Benefits (https://www.thehartford.com/careers/benefits)

Legal Notice (https://www.thehartford.com/legal-notice)

Accessibility StatementProducer Compensation (https://www.thehartford.com/producer-compensation)

EEO

Privacy Policy (https://www.thehartford.com/online-privacy-policy)

California Privacy Policy

Your California Privacy Choices (https://www.thehartford.com/data-privacy-opt-out-form)

International Privacy Policy

Canadian Privacy Policy (https://www.thehartford.com/canadian-privacy-policy)

Unincorporated Areas of LA County, CA (Applicant Information)

MA Applicant Notice (https://www.thehartford.com/ma-lie-detector)