Travelers Application Security Engineer - Remote in Indianapolis, Indiana
Taking care of our customers, our communities and each other. That’s the Travelers Promise. By honoring this commitment, we have maintained our reputation as one of the best property casualty insurers in the industry for over 160 years. Join us to discover a culture that is rooted in innovation and thrives on collaboration. Imagine loving what you do and where you do it.
Job Description Summary
You will be a point of contact for the Claim Application Security program. This program includes interpretation of code scanning results to help developers remediate vulnerabilities in internally developed applications. You will also be the point of contact for threat modeling activities for Claim IT Agile Release Trains (ARTs). You will be responsible for working with Claim IT architects and developers, within the assigned Agile Release Trains, to help guide them through the different activities surrounding defensive coding techniques. You will work closely with the Claim Architecture Review Board to identify architectural patterns in use and work with the team to ensure threat modeling is conducted against the understood patterns. You will be responsible for working with the architects to develop a plan to ensure that all patterns are reviewed with a regular cadence and work with the teams to ensure that necessary audit artifacts are documented.
The successful candidate for this role will be expected to think like an attacker and anticipate how they might exploit weaknesses. You will be responsible for researching relevant attack methods and engage with other LOBs and Information Security to help ensure that all relevant risks are identified and addressed throughout the DevOps process. This includes creation of standards and procedures as they relate to the SDLC process including such areas as peer code review and definition of artifacts that can be utilized for audit purposes. You will work directly with Agile teams to ensure security is included throughout the entire development process while ensuring minimal impact to schedules. You will work closely with developers to help ensure that a culture of security is woven into the development cycle and identify opportunities to shift identification of vulnerabilities to earlier in the development process. You will serve as the conduit between Claim IT developers and Information Security since they are responsible for performing the scans.
Primary Job Duties & Responsibilities
Point of contact for the Claim Application Security program.
Point of contact for threat modeling activities for Claim IT.
Work directly with Claim IT architects and developers to help guide them through defensive coding practices.
Research relevant attack methods and engage with other LOBs and Information Security to help ensure that all relevant risks are identified and addressed.
Guide product and engineering teams to building secure features through security architecture design reviews and threat modeling.
Be an advocate for secure coding practices across all engineering teams.
Use attack driven techniques to defend our applications and systems by discovering weaknesses in our web and mobile application portfolio.
Work with the ARTs to ensure security is embedded throughout the entire development process.
Interact with the BISO for Claim and Information Security to build program documentation and ensure the program aligns with policy requirements.
Serve as the go between for Claim IT developers and Travelers Information Security.
High school diploma or equivalent required.
Five years of work experience within Computer Science or a related field required.
Education, Work Experience, & Knowledge
Bachelor’s Degree in a STEM (Science, Technology, Engineering, Math) discipline preferred.
Seven years of relevant experience with Cybersecurity practices, processes, and Cybersecurity event investigation/resolution preferred.
Broad knowledge of all IT related technologies with subject matter expertise in IT Security related technology and business exposures impacting organizational vitality preferred.
Job Specific Technical Skills & Competencies
Demonstrates sound analytic and diagnostic skills dealing with issues that are loosely defined and/or conflict with available information.
Knows where to obtain information needed to make the appropriate decisions.
Breaks a problem down to manageable pieces and implements effective, timely solutions. Is very good at identifying the problem versus the symptom.
Deals increasingly with problems that require involvement of others to solve.
Has the ability to reach sound decisions quickly.
Carefully evaluates alternative risks and solutions before taking action. Optimizes the use of all available resources.
Maintains partnerships across the organization, and is able to influence senior management, peers and staff through an inclusive style and recognition of their abilities to achieve results.
Puts success of the team is above own interest.
Manages functional objectives and priorities supporting multiple assigned business units.
Responsibilities are assigned with latitude for setting priorities and decision-making using generally accepted guidelines.
Results are reviewed with next-level manager for clarification according to predefined objectives.
Planning and Project Management:
Develops operational plans and provides resource estimation for task planning.
Proposes plans of action that are timely, realistic, and positive.
Sets appropriate goals for projects and monitors progress against the plan.
Travelers is an equal opportunity employer. We value the unique abilities and talents each individual brings to our organization and recognize that we benefit in numerous ways from our differences.
If you have questions regarding the physical requirements of this role, please send us an email so we may assist you.
Travelers reserves the right to fill this position at a level above or below the level included in this posting.
- Travelers Jobs