Jobs · Information Technology · Connecticut

Senior IT Risk and Compliance Engineer

Talcott Financial Group · Greater Hartford · 1 wk ago
Information Technology$127/hrFull-time

Overview

Talcott Resolution is seeking a Senior Information Security Analyst to join our cybersecurity team at a pivotal moment in our program’s maturation.

Responsibilities

  • Partner with business units and IT leadership to develop, maintain, and operationalize information security policies, standards, and procedures

  • Collaborate with stakeholders across the enterprise to formulate security strategies and risk reduction guidelines that align with business objectives

  • Consult with business and technology teams on building secure processes and information systems from the ground up

  • Help evolve the security awareness program, translating technical risk into clear communication for employees at all levels within the organization

  • Lead efforts with business units to assess, document, accept, and/or mitigate risk associated with enterprise-wide initiatives and third-party relationships

  • Perform detailed threat and vulnerability analysis, combining sound analytical skills with advanced knowledge of IT security risks

  • Evaluate the severity and potential impact of identified threats, translating findings into actionable recommendations for leadership and business stakeholders

  • Lead and perform security assessments of third parties and partners, documenting findings and driving remediation

  • Serve as a key resource in preparing for internal audits, external audits, and state regulatory examinations including drafting responses, managing evidence, and tracking remediation commitments

  • Maintain a current understanding of the threat landscape through ongoing research into emerging risks and their potential impact on our environment

  • Monitor ongoing compliance with information security policies and assist business units in managing exceptions to policy and standards

  • Identify and implement opportunities to automate manual GRC and compliance workflows, reducing operational overhead and improving program consistency and accuracy

  • Develop metrics, dashboards, and reporting mechanisms to provide leadership clear visibility into risk posture and program health

  • Evaluate new and emerging security technologies leading proof-of-concept assessments and making recommendations to management

Qualifications

  • Bachelor’s degree in information security, Computer Science, Information Systems, or a related field

  • Minimum of 7 years of cybersecurity experience with strong expertise in governance, risk, compliance, or audit support functions

  • Industry-recognized certification such as CISSP, CISM, CRISC, or equivalent ISACA or GIAC credential

  • Practical experience with cloud security controls (Azure, Oracle Cloud, or Microsoft 365)

  • Demonstrated experience supporting regulatory examinations or external audits, including evidence preparation and remediation tracking

  • Exceptional written and verbal communication skills, with the ability to convey technical risk clearly to non-technical audiences

  • Strong organizational skills with the ability to manage multiple workstreams, priorities, and stakeholders simultaneously

  • Experience in the insurance or financial services industry, particularly in environments subject to state insurance department oversight is preferred

  • Familiarity with GRC platforms or security automation tooling (e.g., ServiceNow GRC, Archer, or similar)

  • Experience scripting or light automation skills (Python, PowerShell) applied to security or compliance use cases

  • Familiarity with vulnerability management programs and third-party risk assessment methodologies

Similar jobs

Senior IT Risk Analyst

Rockland TrustPlymouth, MA· 3 wk ago
Information Technologyapply on eehb.fa.us2.oraclecloud.com

Senior IT Compliance Analyst

Ingram Content GroupLa Vergne, TN· 2 wk ago
Information Technology$97k–$123k/yrapply on jobs.smartrecruiters.com