Does the web traffic between the miner and mining pool need to be encrypted?

It can be, but does not need to be. Only reason you’d need it to be is if you don’t trust your ISP / data center. Unencrypted data can be manipulated in-flight, but the encryption adds extra overhead which probably isn’t worth it.