We’re determined to make a difference and are proud to be an insurance company that goes well beyond coverages and policies. Working here means having every opportunity to achieve your goals – and to help others accomplish theirs, too. Join our team as we help shape the future.
This is a technical position that requires 5+ years of industry experience, as well as the engineering mindset to analyze and identify outstanding governance, risk, and compliance gaps and build maintainable standards and solutions. At The Hartford, our AWS cloud presence is growing and you will have a direct impact on the GRC standards of our cloud portfolio. You’ll have the opportunity to design, build, and innovate GRC related solutions that improve enterprise cloud computing and heighten security and compliance. The right candidate should be passionate for engineering; anything from identifying simple solutions to solving complex problems in support of our enterprise usage of AWS cloud services. This role will be accountable for helping us administrate, manage, and optimize our AWS resource usage, costs and adoption at the Enterprise level.
Responsibilities:
Actively engineer and implement compliance and security controls to allow internal developers to succeed with cloud products.
Work closely with engineering, product, and other business units to ensure regulatory control requirements are translated into understandable language that is informed by the organization’s current security practices and standards
GRC partners closely with Security, Business application owners, IT Infrastructure, IT application owners and IT architecture to ensure controls are operating effectively and informing on decision making to minimize risk
Ensure technical and operational security controls are incorporated into new services and offerings through participation in planning groups and the review of new systems, installations, and other major changes
Creation and maintenance of an operational governance framework that is referenceable as a working document to ensure compliance with GRC standards
Identify, engineer, and support automation to facilitate compliance with Governance Risk and Compliance (GRC) requirements for both preventative and detective controls.
Integrate Governance Risk and Compliance (GRC) toolsets into enterprise capabilities including Continuous Integration and Continuous Deployment pipelines, IT Service Management tooling, and Data Warehouse Platforms.
Assist the Teams on creating remediation plans where needed to resolve noncompliance issues
Establish/Maintain processes and procedures that support audit and compliance management as daily operational functions vs. a disruptive event
Own the successful planning and execution of 3rd party-risk assessments and audits
Lead continuous process improvement, automation and third-party tooling that support scalable compliance and audit support functions
Build rapport, credibility, and cohesion across all business units and teams
Provide transparency and status reporting through the use of meaningful and actionable scorecards and relevant operational metrics and KPI’s
Continue learning and building cloud knowledge into new services and solutions as they come to AWS.
Review Infrastructure as Code templates and deployments for conformance with required controls and governance
Implement and maintain various AWS tools to execute on GRC strategy
Recommend, develop, and support automation to facilitate compliance with GRC requirements for both preventative and detective controls.
Qualifications:
Bachelor's Degree in Computer Science, Engineering or related degree and 5+ years of cloud account administration, compliance and security experience on AWS
A background in systems, software or IT administration and have been responsible for the implementation of technical security controls
Expertise in AWS IAM, including IAM best practices surrounding, roles, policies, and permission boundaries.
Proficiencies with the use of risk and control frameworks, and process improvement models
Experience with internal/external audit procedures and processes
Translates compliance and technical requirements into relevant and understandable terms
Working with agile development teams, methodologies and toolsets
Strong written and verbal communication skills
Experience with Cloud Security standards and frameworks including NIST, CIS, etc.
Understanding of Configuration Management process, goals, and practices for cloud resources.
Proficiency in security and governance related AWS services:
CloudTrail
Security Hub
Config
GuardDuty
Inspector
SSM
ControlTower
Experience with enterprise log aggregation, search, alerting, and monitoring tools such as Splunk.
Familiarity with foundational IT concepts and their implementation in a hybrid cloud environment, including networking, encryption, logging, monitoring, etc.
Working experience with Continuous Integration and Continuous Deployment concepts, inclusive of source code management, automated build and deployment, artifact management, security scanning, and best practices for leveraging Infrastructure as Code (IaC).
Proficiency in, creating, reviewing, and best practices for leveraging Infrastructure as Code in various languages (CloudFormation, Terraform, GitHub Actions).
This role will have a Hybrid work arrangement, with the expectation of working in an office 3 days a week (Tuesday through Thursday) from Hartford, CT. Charlotte, NC. Chicago, IL. or Columbus, OH.
Candidates must be authorized to work in the US without company sponsorship. The company will not support the STEM OPT I-983 Training Plan endorsement for this position.
Compensation
The listed annualized base pay range is primarily based on analysis of similar positions in the external market. Actual base pay could vary and may be above or below the listed range based on factors including but not limited to performance, proficiency and demonstration of competencies required for the role. The base pay is just one component of The Hartford’s total compensation package for employees. Other rewards may include short-term or annual bonuses, long-term incentives, and on-the-spot recognition. The annualized base pay range for this role is:
$136,000 - $204,000Equal Opportunity Employer/Females/Minorities/Veterans/Disability/Sexual Orientation/Gender Identity or Expression/Religion/Age
About Us | Culture & Employee Insights | Diversity, Equity and Inclusion | Benefits