Cyber Risk Manager Jobs in Columbus, OH (NOW HIRING)

We're determined to make a difference and are proud to be an insurance company that goes well beyond coverages and policies. Working here means having every opportunity to achieve your goals - and to help others accomplish theirs, too. Join our team as we help shape the future.

The Enterprise Cyber Focal Office - Manager of Software Engineering is a senior, hands-on technical leader and trusted partner to the Enterprise Cyber Focal Lead. This role is responsible for designing, developing, and implementing complex, AIdriven cyber security solutions that strengthen application security, vulnerability management, and enterprise cyber resilience.

Operating at a technical lead/manager (T7) level, this role combines deep engineering expertise, cloud-native architecture, and applied AI with strong leadership and influence across Cyber, Reliability Engineering, Infrastructure Engineering and Software Engineering teams. The role also provides technical leadership and direction to offshore teams and drives adoption of secure-by-design engineering practices across the enterprise.

This role will have aHybrid work schedule,with the expectation of working in an office (Columbus, OH, Chicago, IL, Hartford, CT or Charlotte, NC) 3 days a week (Tuesday through Thursday).

Key Responsibilities

Technical Leadership & Solution Delivery

• Serve as a trusted technical advisor to the Enterprise Cyber Focal Lead, translating cyber strategy into scalable, highimpact technical solutions.
• Design, build, and implement complex cyber solutions leveraging AI/ML to improve threat detection, vulnerability management, risk prioritization, and automation.
• Lead end-to-end solution architecture, including design reviews, implementation, and operational readiness for cyber platforms and tooling.
• Apply fullstack application development expertise to build secure, resilient, and performant cyber applications and services.

Cloud & AI Engineering

• Architect and deliver solutions using AWS cloud services, following cloud-native, wellarchitected, and security principles.
• Apply hands-on AI/ML capabilities (GCP preferred) to build and operationalize intelligent cyber capabilities (e.g., analytics, anomaly detection, automation, decision support).
• Partner with data, AI, and platform teams to ensure solutions are scalable, secure, and production-ready.

Application Security

• Demonstrated handson experience with enterprise security, logging, and monitoring platforms (e.g., Splunk, Dynatrace, Orca Security, Akamai), leveraging these tools to drive threat detection, observability, and risk reduction at scale.
• Applies deep technical expertise in security telemetry, application logging, and runtime monitoring to design, integrate, and optimize application level security and observability capabilities enterprisewide.
• Experienced in Leveraging GitHub Copilot as a handson productivity and quality accelerator for secure software development, including code scaffolding, refactoring, test generation, and documentation, while ensuring adherence to enterprise security and coding standards.

Application Vulnerability Management

• Own and lead application vulnerability management from a technical standpoint, including tooling, integrations, automation, and remediation workflows.
• Partner with CISO (THIP) and Engineering organization and drive modernization and automation of vulnerability intake, prioritization, and reporting using AI and data-driven techniques.
• Partner with application teams to embed vulnerability remediation into SDLC and CI/CD pipelines.

Engineering Partnership & Best Practices

• Act as a trusted partner to Security, Platform, Reliability and Software Engineers, enabling secure, reliable, and resilient application delivery.
• Define, promote, and enforce application security best practices, including secure coding, dependency management, secrets handling, logging, and monitoring.
• Influence engineering teams through technical standards, reference architectures, and hands-on guidance rather than mandate.

Team Leadership & Delivery Excellence

• Provide technical leadership to an offshore engineering team, including design guidance, code reviews, mentoring, and delivery oversight.
• Ensure high engineering quality, operational stability, and adherence to enterprise security and compliance standards.
• Contribute to roadmap planning, prioritization, and continuous improvement of cyber platforms and capabilities.

Required Experience & Qualifications

• 7-10+ years of experience in software engineering, platform engineering, or cyber-focused application development, with time in technical leadership roles.
• Strong fullstack application development experience (frontend, backend, APIs, integrations). This includes proficiency in modern UI frameworks and languages such as HTML, CSS, JavaScript/TypeScript, and frameworks like React or Angular, along with strong backend experience using languages and frameworks such as Java, C#, Python, or Node.js.
• The role requires expertise in API design (REST/GraphQL), database technologies (SQL and NoSQL), and cloudnative development on platforms such as Azure or AWS. A fullstack tech lead is also adept in CI/CD practices, infrastructureascode, containerization (e.g., Docker, Kubernetes), and secure coding principles, with handson experience integrating security, logging, monitoring, and performance tools.
• Strong problemsolving skills, systemlevel thinking, and the ability to collaborate across product, security, and operations teams are essential to delivering scalable, resilient, and secure applications.
• Deep hands-on experience with AWS cloud architecture and related services. Demonstrated hands-on AI/ML implementation experience, with GCP preferred (Vertex AI, BigQuery, ML pipelines, or equivalent).
• Proven experience designing and delivering enterprise-scale cyber, security or application platforms.
• Experience leading and mentoring distributed/offshore technical teams.
• Ability to operate as a trusted partner and influencer across Cyber, Engineering, and Infrastructure organizations.
• Experience across logging and monitoring, edge and application security, AIassisted development, ITSM workflows, CI/CD pipelines, and automated deployment platforms, ensuring scalable, secure, and repeatable engineering practices.
• Knowledge of application security, vulnerability management, and secure SDLC practices is preferred.

• One or more Security Certification focused on app sec - (e.g., CSPM, CSSM, CISSP, CISM, CSSLP, CCSP, CompTIA, ISC2, GIAC, EC-Council)
• One or more cloud security -
  • TheAWS Certified Security - Specialty(often called AWS Security Specialty, SCS-C02)
  • Google Professional Cloud Security Engineer
  • Microsoft Certified: Azure Security Engineer Associate (Exam AZ-500)

• AI / ML Certification (AWS, GCP, or equivalent)
• AWS Certification (e.g., Solutions Architect, DevOps Engineer)
• IBM, Meta, Microsoft full stack developer certification

Candidate must be authorized to work in the US without company sponsorship.The company will not support the STEM OPT I-983 Training Plan endorsement for this position.

Compensation

The listed annualized base pay range is primarily based on analysis of similar positions in the external market. Actual base pay could vary and may be above or below the listed range based on factors including but not limited to performance, proficiency and demonstration of competencies required for the role. The base pay is just one component of The Hartford's total compensation package for employees. Other rewards may include short-term or annual bonuses, long-term incentives, and on-the-spot recognition. The annualized base pay range for this role is:

Equal Opportunity Employer/Sex/Race/Color/Veterans/Disability/Sexual Orientation/Gender Identity or Expression/Religion/Age

About Us|Our Culture|What It's Like to Work Here|Perks & Benefits