Cybersecurity Specialist
Company: Liberty Mutual Insurance
Location: Seattle
Posted on: April 18, 2024
|
|
Job Description:
Schedule: Full-Time Salary Range: USD $91800.00 - $171100.00 Job
Category: Technology Pay Philosophy The typical starting salary
range for this role is determined by a number of factors including
skills, experience, education, certifications and location. The
full salary range for this role reflects the competitive labor
market value for all employees in these positions across the
national market and provides an opportunity to progress as
employees grow and develop within the role. Some roles at Liberty
Mutual have a corresponding compensation plan which may include
commission and/or bonus earnings at rates that vary based on
multiple factors set forth in the compensation plan for the role.
Description At Liberty Mutual Insurance, we believe progress
happens when people feel secure. Our cybersecurity program must
continually evolve, adapt, and advise on practices to deliver
against growing regulatory requirements, increased threats, and
changing people, process, and technology drivers. Our Cybersecurity
Governance, Risk, and Compliance (cGRC) organization manages IT
compliance and cybersecurity risk supported by an integrated set of
products and services that support the lifecycle of our assessment
functions. From design and documentation of controls, to testing
and assessment of our enterprise and information systems, to
consulting on and validation of issues and remediations, we partner
with teams across the company to understand their business drivers
and optimize security practices in relation to external/regulatory
drivers, cybersecurity frameworks, and organizational risk posture.
About the job: As a Senior Analyst in the Cyber Risk Management
space, you will be a key member of our growing information security
risk management program. In this role, you will: Analyze and
evaluate risks through organizational and system level risk
assessment across our global footprint. Learn and apply risk
management and threat modeling frameworks to perform assessments in
the financial services industry. Apply quantitative risk valuation
models and tooling to inform and support strategic and tactical
risk-based decisions. Collaborate with control and information
system engineering teams to close gaps during assessment. Partners
with specialists, peers, and technology teams to communicate
cybersecurity risk drivers and their relationships with controls,
technology, and processes to ensure impact of decisions is
communicated. Contribute to the creation and curation of a
comprehensive cybersecurity risk and compliance control framework
and library. Understand and communicate baseline measures for
control effectiveness. Have the ability to communicate technical
issues to diverse audiences and have knowledge and/or experience in
application and infrastructure security, public cloud (SaaS, PaaS,
IaaS) or another technical domain. Deliver and assist others in
providing technical recommendations to partners, IT management and
other infrastructure staff in risk assessments, implementation, and
operational aspects of information security procedures and
products. Research and assess new threats and security alerts and
recommend remedial action. Maintain and share understanding of the
latest security threats, trends, and technologies. Ideal candidates
have a passion for security, the drive to share their expertise,
and the ability to collaborate and help teams deliver solutions
that meet our business goals while protecting the confidentiality,
integrity and availability of information systems and our data.
Qualifications Bachelors or Master's Degree in technical or
business discipline or related experience. 5+ years professional
experience. Current CISSP, CRISC, CISA, GIAC, OpenFAIR or
equivalent certification preferred. Working knowledge and practice
of risk assessments for IT controls to assess and quantify impacts
and relationships of technology to corresponding controls, gaps,
and applicable testing strategies. Knowledge of cybersecurity
control, program, and risk frameworks such as CIS Controls, NIST
CSF, Factor Analysis of Information Risk (FAIR), NIST RMF, and ISO
27001 preferred. Knowledge and experience working in a diverse
tooling, technology, and provider environments including custom
software, commercial-off-the-shelf and third-party SaaS and PaaS
solutions. Familiarity with secure engineering best practices.
Understanding of one or more Technology Platforms (AWS, Azure, GCP,
Windows, Linux, Mainframe, Middleware Applications, Database
Applications) - specifically as they apply to successful security
control mitigation and risk factors. Highly collaborative with
peers and customers on a technical and professional level and
driven to improve service and engagement models. Ability to
understand and align business drivers in relation to cyber risk
considerations. About Us At Liberty Mutual, our purpose is to help
people embrace today and confidently pursue tomorrow. That's why we
provide an environment focused on openness, inclusion, trust and
respect. Here, you'll discover our expansive range of roles, and a
workplace where we aim to help turn your passion into a rewarding
profession. Liberty Mutual has proudly been recognized as a "Great
Place to Work" by Great Place to Work US for the past several
years. We were also selected as one of the "100 Best Places to Work
in IT" on IDG's Insider Pro and Computerworld's 2020 list. For many
years running, we have been named by Forbes as one of America's
Best Employers for Women and one of America's Best Employers for
New Graduates as well as one of America's Best Employers for
Diversity. We value your hard work, integrity and commitment to
make things better, and we put people first by offering you
benefits that support your life and well-being. Liberty Mutual is
an equal opportunity employer. We will not tolerate discrimination
on the basis of race, color, national origin, sex, sexual
orientation, gender identity, religion, age, disability, veteran's
status, pregnancy, genetic information or on any basis prohibited
by federal, state or local law. Employment Type: Full Time
Keywords: Liberty Mutual Insurance, Tacoma , Cybersecurity Specialist, Other , Seattle, Washington
Click
here to apply!
|