×
Register Here to Apply for Jobs or Post Jobs. X

Senior IT Risk and Compliance Engineer

Remote / Online - Candidates ideally in
Hartford, Hartford County, Connecticut, 06112, USA
Listing for: Talcott Financial Group
Remote/Work from Home position
Listed on 2026-07-14
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Data Security, IT Consultant
Salary/Wage Range or Industry Benchmark: 110000 - 160000 USD Yearly USD 110000.00 160000.00 YEAR
Job Description & How to Apply Below

Overview

Talcott Resolution is seeking a Senior Information Security Analyst to join our cybersecurity team at a pivotal moment in our program’s maturation. Reporting directly to the Chief Information Security Officer, this role is a central force in how we govern risk, meet regulatory obligations, and build a security program that scales with our business. The selected candidate will partner across business units, IT, and senior leadership to advance our control capabilities.

The position will play a key role in shaping policy, driving audit exam readiness, and identifying opportunities to automate and modernize compliance processes. If you bring strong analytical instincts, clear communication, and a passion for building structure in complex environments, this role will allow you to see measurable impact and visibility. This position will work on a hybrid work arrangement in our Harford, CT office;

however, remote work will also be considered.

Responsibilities Governance & Policy
  • Partner with business units and IT leadership to develop, maintain, and operationalize information security policies, standards, and procedures.
  • Collaborate with stakeholders across the enterprise to formulate security strategies and risk reduction guidelines that align with business objectives.
  • Consult with business and technology teams on building secure processes and information systems from the ground up.
  • Help evolve the security awareness program, translating technical risk into clear communication for employees at all levels within the organization.
Risk Management
  • Lead efforts with business units to assess, document, accept, and/or mitigate risk associated with enterprise-wide initiatives and third‑party relationships.
  • Perform detailed threat and vulnerability analysis, combining sound analytical skills with advanced knowledge of IT security risks.
  • Evaluate the severity and potential impact of identified threats, translating findings into actionable recommendations for leadership and business stakeholders.
  • Maintain a current understanding of the threat landscape through ongoing research into emerging risks and their potential impact on our environment.
  • Lead and perform security assessments of third parties and partners, documenting findings and driving remediation.
Compliance, Audit & Regulatory
  • Serve as a key resource in preparing for internal audits, external audits, and state regulatory examinations including drafting responses, managing evidence, and tracking remediation commitments.
  • Monitor ongoing compliance with information security policies and assist business units in managing exceptions to policy and standards.
  • Provide oversight of managed security services, including vulnerability management, firewall operations, Security Operations Center, and data loss prevention.
  • Investigate, document, and follow through on information security incidents and policy violations, ensuring appropriate resolution and lessons learned.
Process Automation & Program Development
  • Identify and implement opportunities to automate manual GRC and compliance workflows, reducing operational overhead and improving program consistency and accuracy.
  • Develop metrics, dashboards, and reporting mechanisms to provide leadership clear visibility into risk posture and program health.
  • Evaluate new and emerging security technologies leading proof‑of‑concept assessments and making recommendations to management.
Qualifications
  • Bachelor’s degree in information security, Computer Science, Information Systems, or a related field.
  • Minimum of 7 years of cybersecurity experience with strong expertise in governance, risk, compliance, or audit support functions.
  • Industry‑recognized certification such as CISSP, CISM, CRISC, or equivalent ISACA or GIAC credential.
  • Working knowledge of security frameworks including NIST 800‑53, ISO 27001, and/or NIST CSF.
  • Demonstrated experience supporting regulatory examinations or external audits, including evidence preparation and remediation tracking.
  • Practical experience with cloud security controls (Azure, Oracle Cloud, or Microsoft 365).
  • Experience identifying and implementing process automation within GRC or compliance workflows.
  • Except…
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary