Director Application & Data Technology Risk

• Provide risk oversight across the end-to-end application lifecycle, including requirements, architecture, development, testing, release, and production support.
• Assess risks introduced through modern engineering practices, including agile delivery, DevOps, CI/CD pipelines, APIs, cloud-native services, and third-party integrations.
• Partner with application, platform, and security teams to promote adherence to security, infrastructure, and engineering control expectations., * Evaluate data risk and sensitive data exposure within applications, including unauthorized access, data leakage, improper transmission, retention weaknesses, and aggregation risk.
• Provide risk guidance on AI, GenAI, and automation use cases, with emphasis on data sourcing, access governance, explainability, monitoring, and emerging regulatory or ethical risks related to technology.
• Maintain awareness of evolving risks associated with AI adoption and emerging technologies, ensuring they are incorporated into application risk assessments and governance., * Serve as a trusted risk partner to CIOs and senior technology leaders, supporting informed decision-making while enabling delivery.
• Translate complex technical risks into clear, business-relevant risk narratives that articulate impact, likelihood, trends, and tradeoffs.
• Present concise risk perspectives to senior leadership, technology governance forums, and risk committees, focusing on decision-oriented insights rather than issue listings.
• Influence prioritization decisions by balancing business value, delivery timelines, and risk exposure., * Define, monitor, and mature risk metrics, KRIs, and leading indicators related to application security, data exposure, DevOps maturity, and AI.
• Identify patterns across findings and assessments to surface root causes and enterprise-level risk themes.
• Support audit, regulatory, and internal governance activities by representing application, data, and AI risk topics with credibility and consistency., * Practical understanding of AI and automation risks, including model governance, data usage, and control considerations.

Do you have experience in Software architecture?, * 10+ years of experience in technology risk management, application security, IT audit, engineering, or related domains., * Solid familiarity with cloud and infrastructure control domains (IAM, logging, encryption, network security, resiliency).

• Proven ability to communicate effectively with senior leaders and translate technical issues into executive-level insights.
• Experience working with industry frameworks (e.g., NIST, CIS Controls, COBIT, secure SDLC standards)., * Prior hands-on experience in software engineering, application architecture, platform operations, or DevOps.
• Experience managing risk in high-growth, technology-driven organizations with evolving governance expectations
• Relevant certifications such as CISSP, CISM, CRISC, CISA, or cloud security certifications.

The listed annualized base pay range is primarily based on analysis of similar positions in the external market. Actual base pay could vary and may be above or below the listed range based on factors including but not limited to performance, proficiency and demonstration of competencies required for the role. The base pay is just one component of The Hartford's total compensation package for employees. Other rewards may include short-term or annual bonuses, long-term incentives, and on-the-spot recognition. The annualized base pay range for this role is: $153,600 - $230,400

We're determined to make a difference and are proud to be an insurance company that goes well beyond coverages and policies. Working here means having every opportunity to achieve your goals - and to help others accomplish theirs, too. Join our team as we help shape the future.