Application Security Engineer

Hartford, Connecticut

Solid reputation, passionate people and endless opportunities. That's Travelers. Our superior financial strength and consistent record of strong operating returns mean security for our customers - and opportunities for our employees. You will find Travelers to be full of energy and a workplace in which you truly can make a difference.



Claim Technology is a team of highly motivated and skilled professionals who are leading Travelers' digital transformation journey and driving business value that creates a sustainable competitive advantage for our company. We deliver, implement and administer technology solutions that enable all Claim employees to be more effective at their jobs and meet the needs of our company's customers.
 
If YOU...
 
  • Are a passionate technology professional who enjoys solving complex business and technology issues.
  • Pride yourself on being a quick learner.
  • Are comfortable with ambiguity.
  • Understand business challenges and can develop long-term, sustainable technical solutions. 
  • Have a passion for learning and applying new technologies.
  • Enjoy working in a fast-paced, agile environment where you have the opportunity to automate things.
  • Enjoy mentoring others and driving adoption of new technologies and design patterns.
  • Have an Agile mindset and are value-focused and guided by the Lean-Agile principles.
  • Have the courage to say what needs to be said in a respectful and tactful way, even if it's not what people want to hear.  
  • Have the desire to be a lifelong learner, enjoy sharing your knowledge by coaching others, and enable others to continuously improve through mentorship.
  • Above all, measure your own success by the success of your team and the satisfaction of our customers.
 
Then, Claim Technology is the place for you!
Our Team
Our TEAM...
 
  • Is dedicated to building a culture of security in Claim enabling our company to stay ahead of evolving threats and deliver on the promise that Travelers makes to our customers and ensuring the sensitive customer data that is entrusted to us is protected.
  • Has a passion for security and risk.
  • Is responsible for managing risk with the Claim line of business by helping empower our group with information on security and risk to allow individuals to do their jobs more effectively.
  • Is made up of diverse, competent and reliable individuals who trust one another and feel free to express their feelings and ideas.
  • Is aligned with a shared vision and focused values, great at collaborating and accomplishing our tasks.
  • Adapts quickly to changing conditions and demands, takes accountability as a group, and works hard to our accomplish goals.
  • Reflects and learns from past experience and is committed to relentless improvement.
  • Recognizes and values team contributions and celebrates successes.


This role will be a point of contact for the Claim Application Security program.  This program includes interpretation of code scanning results to help developers remediate vulnerabilities in internally developed applications.  This individual will also be the point of contact for threat modeling activities for Claim IT ARTs.  This individual will be responsible to work with Claim IT architects and developers, within the assigned ARTs, to help guide them through the different activities surrounding defensive coding techniques. The individual in this role will work closely with the Claim Architecture Review Board to identify architectural patterns in use and work with the team to ensure threat modeling is conducted against these patterns.  The individual will be responsible for working with the architects to develop a plan to ensure that all patterns are reviewed with a regular cadence and produce necessary artifacts of the review for audit purposes.
This role has the responsibility to research relevant attack methods and engage with other LOBs and Enterprise Cybersecurity to help ensure that all relevant risks are identified and addressed throughout the DevOps process. This includes creation of standards and procedures as they relate to the SDLC process including such areas as peer code review and definition of artifacts that can be utilized for audit purposes.  This individual will work directly with Agile Coaches and the ARTs to ensure security is addressed throughout the entire development process while ensuring minimal impact to schedules.  This individual will work closely with developers to help ensure that a culture of security is woven into the development cycle and identify opportunities to shift identification of vulnerabilities earlier in the development process. This individual will serve as the go between for Claim IT developers and information security who is responsible for performing the scans.

 

Bachelor's Degree in a STEM (Science, Technology, Engineering, Math) discipline preferred.
 
  • Ability to work independently and as part of a team.
  • Experience developing information security standards and procedures.
  • Experience assessing and documenting the design of security controls to mitigate risk.
  • Ability to influence and set technical direction.
  • Skilled at contributing and communicating your expert knowledge of concepts to a broader audience.


Your DAY...
 
  • Point of contact for the Claim Application Security program. 
  • Point of contact for threat modeling activities for Claim IT.
  • Work directly with Claim IT architects and developers to help guide them through defensive coding practices.
  • Research relevant attack methods and engage with other LOBs and IS Security to help ensure that all relevant risks are identified and addressed.
  • Work with Agile Coaches and the ARTs to ensure security is addressed throughout the entire development process.
  • Interact with the BISO for Claim and Enterprise Cybersecurity to build program documentation and ensure the program aligns with policy requirements.
  • Serve as the go between for Claim IT developers and Travelers Enterprise Cybersecurity.
  • Other duties as assigned


High school diploma or equivalent required. Five years of work experience within Computer Science or a related field required.

Travelers is an equal opportunity employer.

About Travelers

The Travelers Companies, Inc. (NYSE: TRV) is a leading property casualty insurer selling primarily through independent agents and brokers. The company's diverse business lines offer its global customers a wide range of coverage in the auto, home and business settings. A component of the Dow Jones Industrial Average, Travelers has more than 30,000 employees and generated revenues of approximately $25 billion in 2010.