Director Data Security

In an uncertain world, Travelers is an insurance leader, committed to keeping pace with the ever-changing needs of our customers, and anticipating their needs for the future. There is no stronger testament to our dedication to protecting customers from loss than our continued innovation and ability to transform our industry.

Plans and executes at a tactical level and manages the effective use of resources to develop and/or implement large complex project(s) or IT Security Transformations. Leads and trains less experienced members of the team. Is the go-to expert for some aspect of IT Security. Provides input and insight into strategic planning. Takes leadership for security incident or situation. Sets strategy for some element of security program. Drives complex enterprise projects. Provides ownership for parts of the enterprise security strategy. Understands security trends in the industry, and can provide proposals to reduce risk using new tools and techniques. Provides consulting and security reviews for new business processes.

* Manages the tactical and strategic plan for assigned IT security area. * Assists in the execution of departmental and corporate security mission. * Advocates the use of technology to advance Travelers Information Security program. * Contributes to staffing and project plan estimations in collaboration with the project manager, architecture and other groups. * Maximizes cost and benefit for enhancement and/or project execution. * Work with OAI-sys, audit, legal, and Lines of Business on solution or issue resolution. * Builds and leverages effective alliances across technical and business communities ensuring the best utilization of resources and creation of world-class security. * Provides technical leadership for internal and external teams, fosters a team environment, and provides mentorship and performance feedback on technical resources. * Ensures work complies with Travelers standards, processes and protocols.

* Bachelor degree preferred or equivalent work experience, minimum 8 years of work experience in related field. * Able to lead security transformation for an area of information security (endpoints, network, email, e-discovery). * Demonstrates technical mastery for security components, and ability to influence technical direction. * Demonstrates a solid knowledge of business requirements and external threats. * Demonstrates expert knowledge of information security as well as the interaction of enterprise components and policies. * Leverages enterprise and industry best practices and standards. * Works to ensure information security follow and promote design best practices. * This position will have the primary responsibility for management of the Policy and Standard of the Information Security Program. This requires a strong knowledge of industry Information Security Standards from NIST, ISACA, ISO, PCI and other regulatory and standards organizations as well as a working knowledge of Policy Management automation in eGRC systems. Archer Policy Manager experience preferred. * This position will have a shared responsibility to manage the Travelers Information Security Framework. This requires strong knowledge of various industry standard frameworks such as CoBit 5, PCI DSS3.1, ISO-27002 and others. * This position will have a shared responsibility to develop and manage assurance and assessment of Information Security controls. This requires strong skills in analytics, Information Security and Technology as well as awareness of common models and methodologies for program governance and key risk (KRI) and key performance (KPI) metrics. * This position will have a shared responsibility for directing risk-based strategic planning for the security program. This requires strong skills in the areas of project and strategic planning, presentation and reporting skills. * This position will act as a liaison between the Information Security Program and Travelers IT Risk Management Program. This requires a working knowledge of IT risk management and eGRC programs and automation.