Principal Cybersecurity Specialist – GCS Cyber Risk Assurance
- Employer
- Liberty Mutual Insurance
- Location
- Chicago, Illinois
- Salary
- Not Specified
- Closing date
- Oct 20, 2019
View more
- Category
- IT , Risk Management
- Job Type
- Not Specified
- Career Level
- Not Specified
Job Details
Principal Cybersecurity Specialist – GCS Cyber Risk Assurance
We deliver our customers peace of mind every day by helping them protect what they value most. Our passion for placing the customer at the center of everything we do is driving a transformational shift at Liberty Mutual. Right now, we have an opportunity for a Principal Software Developer to join our Global Information Security Development and Delivery team to develop Next Generation Identity Services.
Liberty Mutual Insurance Information Technology is actively searching for an experienced Information Cybersecurity Specialist. In this role you will provide technical expertise and support to clients, IT management, and staff in risk assessments, implementation, and operational aspects of appropriate information security procedures and products. You will be interfacing with Infrastructure and Application Development teams, and ensuring that the appropriate risk reduction/mitigations are put in place. In addition, you will participate in the evaluation, development, and implementation of security standards, procedures, and guidelines for multiple platforms and diverse system environments (e.g. company-wide, distributed, client server systems, and e-applications).
The Cybersecurity Specialist will assess the adequacy of security controls, evaluate threats and vulnerabilities, calculate the level of current and residual risk, and communicate these risks to IT teams, business units and management. The analyst must have the ability to convey complicated technology and security concepts to management and ideally has technical knowledge and/or experience in security, networking, systems administration, database administration, public cloud or another technical domain. Proficiency in a risk management framework and conducting risk assessments in a regulated environment is desired. Maintaining a current understanding of the latest security threats, trends and technologies is a crucial component of the position.
To succeed in this position, they must be able to develop risk management strategies that align with business goals and operations and protect the confidentiality, integrity and availability of information systems and our data.
Responsibilities
Conduct and/or support targeted risk assessments on defined assets within Liberty Mutual Insurance, assess the effectiveness of existing controls, and recommends remedial action
Determine significant risk points and exercise process for risk assessment and risk acceptance.
Provides technical expertise and support to client, IT management and other infrastructure staff in risk assessments, implementation and operational aspects of appropriate information security procedures and products.
Supports risk valuation models and tooling.
Informs technology SME’s and other specialists on risk exposure.
Collaborates on critical IT projects to ensure that security issues are addressed throughout the project life cycle.
Plays an advisory role in application development or acquisition projects, to assess security requirements and controls and ensure that security controls are implemented as planned.
Provides guidance and assistance to ensure IT controls are designed to mitigate intended risks and operating effectively.
Provides technical expertise and support to clients, IT management and staff in risk assessment and the implementation of appropriate information security procedures and products.
Researches and assesses new threats and security alerts and recommends remedial action.
Maintains an awareness of existing and proposed security standard setting groups, State and Federal legislation and regulations and how they will affect the LMIG environment.
Maintain an awareness of Liberty Mutual’s security policies and government regulations pertaining to information security.
Keep IT Management informed of security issues by reporting performance metrics.
Minimum Qualifications
7 or more years’ experience in the Information Security and/or Technology Risk field
Excellent written and oral communication skills
Current CISSP, CRISC, CISA, GIAC or equivalent certification preferred.
Excellent customer service skills and problem resolution
Experience in being able to manage and prioritize multiple tasks in an effective manner
Ability to work independently without daily direction
Preferred Skills
Strong understanding of mitigating security controls (i.e., anti-virus, IPS/IDS, email filtering, web site blocking, patching) and how they work in an overall defense in depth risk assessment methodology.
Understanding of network infrastructure, including firewalls, web proxy and/or email architecture- particularly as they apply in a mitigating control functionality
Understanding of back-channels typically used by actors for malicious activity
Understanding of obfuscation techniques and best practices for ensuring device non-attribution
Understanding of one or more Technology Platforms (Windows, Linux, Mainframe, Middleware Applications, Database Applications)- specifically as they apply to successful security control mitigation and particularly to vulnerability management
Understanding of distributed denial of service attack intelligence gathering, concepts, mitigation tools and techniques
Understanding of mobility security device and application risk and threat assessment
Understanding of nation and non-nation state actors, hactivist groups, advanced threats and the "kill chain" methodology
Knowledge of cyber security standard frameworks such as ISO and NIST
Familiarity with secure coding best practices.
Strong communication & organizational skills, ability to multi-task, strong attention to details, excellent problem solving and follow-up skills required.
Work independently, make decisions and multi-task effectively in a very diverse, project oriented environment.
-
Ability to complete high quality deliverables.
We take care of our employees…
We strongly believe that a great job should keep you happy both at work—and in life. That’s why we offer:
Workplace Flexibility
Wellness Perks
Collaborative workspaces
Sit/stand desks
Career development, programs and classes
Diversity & Inclusion programs
Commuter Benefits
Adoption Assistance
College Savings Plan
Education reimbursement
-
Hackathon Events
Liberty Mutual was named as a ‘2016 Great Place to Work’ by Great Place to Work US.
For more info about our benefits - Benefits Information
Learn more about Tech at Liberty Mutual – Search Our Jobs
Check out our Tech at Liberty Mutual YouTube playlist - Show me the Videos
Company
When people have a sense of security, they are free to relax, venture out, and live their lives. This is the feeling Liberty Mutual brings to the world every day. Founded in 1912, we are a global leader in property and casualty insurance, focused on protecting and preserving the lives and dreams of customers in more than 30 countries. With over 50,000 employees throughout the world, we offer you the chance to work for an evolving, growing company with a deep sense of humanity and a commitment to diversity and philanthropy. Join our team and go to work knowing that what you do matters. Because really it does.
Get job alerts
Create a job alert and receive personalized job recommendations straight to your inbox.
Create alert