Vacancy expired!
Company Summary
Taking care of our customers, our communities and each other. That's the Travelers Promise. By honoring this commitment, we have maintained our reputation as one of the best property casualty insurers in the industry for over 160 years. Join us to discover a culture that is rooted in innovation and thrives on collaboration. Imagine loving what you do and where you do it.Target Openings 1Job Description Summary The Security Engineering team within Infrastructure and Cloud Services (ICS) organization at Travelers has an exciting opportunity for a Cybersecurity professional to join its Application Security team. The incumbent will work with lines of business technology application development teams to ensure their code is secure and free from vulnerabilities, provide "DevSecOps" type capabilities leveraging automation and self-service capabilities, develop API integrations for Security tools, such as Static Analysis (SAST), Dynamic Analysis (DAST), and Interactive Application Security Testing (IAST), and perform penetration testing against web applications and services, including Cloud based applications, and assist in management of Web Application Firewalls (WAF), including policy creation, tuning, and monitoring. Successful candidate will bring experience providing high-level support with a comprehensive knowledge of specific IS Security methodologies, processes, and software packages and a conceptual understanding of other IS Security procedures and policies. Primary Job Duties & Responsibilities- Support/Develop existing and new automation capabilities to support the Application Security program at Traveler
- Partner with business units to provide better secure coding knowledge.
- Assist in supporting Static Analysis, Dynamic Analysis and IAST testing capabilities
- Perform manual penetration testing of web applications/services
- Provide operational support, trouble shooting and maintenance of Security related processes, controls or products.
- Independently analyze and resolve problems of medium to high complexity.
- Configure, test, document and implement new or upgrades to security processes, controls or products as directed.
- Participates in resolving situations involving improper attempts to access or infiltrate our networks.
- Recommends changes to area procedures and products. Implements with management review.
- Support reviewing or identifying and responding to security events and escalating to management.
- Consults with business peers to support and resolve cybersecurity events.
- Understands and has input to the budget process, and shares responsibility for cost-effective expense control of assigned projects.
- Participate in Security and enterprise projects as assigned.
- Act as a security representative at design and new technology meetings.
- Provides guidance to more junior employees.
- High school diploma or equivalent required.
- One year of work experience within Computer Science or a related field required.
- Bachelor's Degree in a STEM (Science, Technology, Engineering, Math) discipline preferred.
- Three years of relevant experience with Cybersecurity practices, processes, and Cybersecurity event investigation/resolution preferred.
- Experience providing high-level support with a comprehensive knowledge of specific IS Security methodologies, processes, and software packages and a conceptual understanding of other IS Security procedures and policies preferred.
- Programming/development skills (preferably in Python and Powershell)
- Application security knowledge
- SAST, DAST, IAST testing experience
- Web Application penetration testing
- Web Application Firewall (WAF) experience
- Problem Solving: Demonstrates sound analytic and diagnostic skills dealing with issues that are loosely defined and/or where information is available but must be further manipulated. Once decisions are made, is able to follow and direct action to implement intended results. Breaks a problem down to manageable pieces and implements effective, timely solutions. Openly and directly confronts conflict until resolved.
- Team Orientation: Builds relationships with peers and other departments to achieve objectives, to work as one team and to secure necessary resources not under his/her personal control. Balances team and individual responsibilities. Exhibits objectivity and openness to others' views. Gives and welcomes feedback. Puts success of team above self.
- Leadership: Supports a distinct business unit or several smaller functions.
- Responsibilities are assigned with some latitude for setting priorities and decision-making using established policies and procedures. Results are reviewed with next-level manager for clarification and direction before proceeding.
- Planning and Project Management: Works with the project manager in identifying those project tasks that are most important, establishes clear priorities and understands the larger picture. Anticipates and effectively responds to changes in workload and resources.
Vacancy expired!