Principal Cybersecurity Specialist – Liberty Mutual Insurance – Boston, MA
Note: We may earn a commission from products or services when you click on a link and make a purchase.
At Liberty Mutual, our purpose is to help people embrace today and confidently pursue tomorrow. That’s why we provide an environment focused on openness, inclusion, trust and respect. Here, you’ll discover our expansive range of roles, and a workplace where we aim to help turn your passion into a rewarding profession.
Liberty Mutual has proudly been recognized as a “Great Place to Work” by Great Place to Work® US for the past several years. We were also selected as one of the “100 Best Places to Work in IT” on IDG’s Insider Pro and Computerworld’s 2020 list. For many years running, we have been named by Forbes as one of America’s Best Employers for Women and one of America’s Best Employers for New Graduates—as well as one of America’s Best Employers for Diversity. To learn more about our commitment to diversity and inclusion please visit: https://jobs.libertymutualgroup.com/diversity-inclusion.
We value your hard work, integrity and commitment to make things better, and we put people first by offering you benefits that support your life and well-being. To learn more about our benefit offerings please visit: LMI.co/Benefits.
Liberty Mutual is an equal opportunity employer. We will not tolerate discrimination on the basis of race, color, national origin, sex, sexual orientation, gender identity, religion, age, disability, veteran’s status, pregnancy, genetic information or on any basis prohibited by federal, state or local law.
At Liberty Mutual Insurance, we believe progress happens when people feel secure. Our Cybersecurity Specialists form a diverse team of security professionals who are collectively responsible for improving the overall security posture of the organization. They evaluate and manage risks, test the effectiveness and completeness of security controls, and partner with teams across the company to optimize our security posture while ensuring the business is able to innovate. Cybersecurity specialists must continually adapt to stay ahead of a dynamic threat landscape. We are expected to continually learn and grow. This is not a passive career opportunity, but rather one that requires a passion for security and rigor to protect our business.
You will have the opportunity to manage, develop, deploy, and support cutting edge security solutions globally to include regional data centers, Liberty Mutual local offices, and cloud environments, including Amazon Web Services (AWS) and Microsoft Azure.
You would be a senior member of an agile team that is focused on analysis, system design, documentation, testing, implementation and support for highly complex security operations and processes.
About The Job
- Under limited supervision and general direction, evaluates and reports on the effectiveness of security and compliance controls as well as risk mitigation strategies in IT and business environments.
- Evaluates risk and develops security standards, procedures, and controls to manage that risk, with a mindset of continuous process improvement.
- Provides implementation leadership on pre-established patterns and assists with the more complex engagements.
- Delivers and may assist other team members in threat modelling, risk identification and mitigation strategies, control documentation, evaluation of control design, evaluation of control operation, reporting of control deficiencies, and remediation strategies.
- Effectively communicates technical issues to diverse audiences.
The Ideal Candidate Will Have
- Ability to assess processes to determine risks, corresponding controls, gaps and applicable testing strategies
- Technical writing (ability to document controls, gaps, meeting minutes, professional emails, etc.)
- Knowledge of IT controls/ IT auditing/Security/Compliance
- Knowledge of control frameworks (e.g. NIST, COBIT, CSC, etc.) and regulations that apply to Liberty
- Ability to integrate control frameworks and regulations into enterprise controls
- Technical knowledge of tools (Jira, MS office tools, Sharepoint, MS Teams, Remedy)
- Knowledge of Agile practices
- Knowledge of various environments (on-prem, ICCU, AWS, Azure, containers, etc.)
- Knowledge of auditing best practices (testing, annotation, sample size guidance, etc.)
Need Security Training? Certifications at Your Own Pace
- IBM Cybersecurity Analyst Professional CertificateIntroduction to Cybersecurity Tools & Cyber Attacks by IBM
- Generative Adversarial Networks (GANs) Specialization from DeepLearning.AI
- Agile Leadership Specialization from the University of Colorado
- International Cyber Conflicts from the State University of New York (SUNY)
- IT Fundamentals for Cybersecurity Specialization by IBM
- Google Cloud Security Professional Certificate from Google Cloud
- Google Cloud Networking Professional Certificate from Google Cloud
- Introduction to Blockchain Specialization from Association of International Certified Professional Accountants
- Bachelors or Master’s degree in technical discipline or equivalent experience.
- Generally 5+ years of professional experience.
- Highly proficient in security, risk and compliance concepts, processes and able to execute existing patterns.
- Thorough knowledge of new and emerging technologies, well versed in IT concepts, strategies and methodologies, as well as security aspects of multiple platforms, operating systems, software, communications and network protocols.
- Strong negotiation, facilitation and consensus building skills; strong oral and written communication skills; able to present to senior contributors and management.
- Highly capable consultative skills, including the ability to understand and assist in applying customer requirements.
- Extensive understanding of backlog tracking, burndown metrics, and incremental delivery.
- Strong collaboration, prioritization, and adaptability skills required. Relationship building
- Self-motivated/ self-directing
- Ability to manage and prioritize own work
- Independent decision making
- Analytical thinking; thinking out of the box
- Ability to effectively communicate with all organizational levels (SME to Senior Management)
- Ability to lead and influence others
- Project management skills
- Ability to lead a meeting and keep all involved on task
- Organized and detail-oriented
- Ability to analyze problems at various levels (e.g. detail level, overall organizational impact, etc.)
- Ability to effectively implement the D&I guidelines for inclusion in daily activities