Senior Cybersecurity Specialist - Plano, TX, United States - Liberty Mutual

Description

Our Cybersecurity Specialists form a diverse team of security professionals who are collectively responsible for improving the overall security posture of the organization.

They evaluate and manage risks, test the effectiveness and completeness of security controls, and partner with teams across the company to optimize our security posture while ensuring the business is able to innovate.

Cybersecurity specialists must continually adapt to stay ahead of a dynamic threat landscape.

Our Cybersecurity Governance, Risk, and Compliance (cGRC) organization manages IT compliance and cybersecurity risk supported by an integrated set of products and services that support the lifecycle of our assessment functions.

From design and documentation of controls, to testing and assessment of our enterprise and information systems, to consulting on and validation of issues and remediations, we partner with teams across the company to understand their business drivers and optimize security practices in relation to external/regulatory drivers, cybersecurity frameworks, and organizational risk posture.

As a Senior Cybersecurity Specialist, you would be a member of an agile team that is focused on how to maintain and iterate Cybersecurity policies and standards, evaluate control effectiveness, and comply with emerging laws and regulations at the scale and speed necessary to protect Liberty Mutual data.

Under limited supervision and general direction, you will support the assurance programs responsible for evaluating, assisting with delivery, and reporting results of our cybersecurity regulatory and contractual requirements in addition to supporting the issues management service a responsible for treatment plan consulting, remediation effort progress reporting, and closure validation for findings that result from application assessment and control testing conducted by teams.

Evaluates and assesses compliance to regulatory requirements and contractual obligations.
Partners with stakeholders and customers across the Enterprise to harmonize policy and standard content.

Delivers and assists other team members in risk identification and mitigation strategies, remediation strategies, evaluation and harmonization of policy and control content, and evaluation of control design and operating effectiveness.

Effectively communicates technical and non-technical content to diverse audiences.

Ability to assess technology and processes to determine risks, impacts, and relationships with corresponding authoritative sources and frameworks in order to provide guidance for documentation of appropriate content.

cybersecurity controls, IT auditing, risk and regulatory assessment best practices, cybersecurity and compliance frameworks such as CIS Controls, NIST CSF, ISO 27001, FAIR, COBIT, International Financial Services and Insurance regulatory landscape and willingness to learn about regulatory assessments in the financial services or other regulated industries is a plus.

Working knowledge and practice of IT security, risk and compliance concepts, processes and able to execute existing patterns.

Ability to scope and integrate control frameworks and regulatory requirements into enterprise controls and advise on control design to meet cybersecurity risk and compliance needs.

Knowledge of Agile practices and experience working with scrum teams.
Strong negotiation, facilitation and consensus building skills; able to present to senior contributors and management.

Highly proficient in security, risk and compliance concepts, processes and able to execute existing patterns.

Knowledge of and experience with cybersecurity control, program, and risk frameworks such as CIS Controls, NIST CSF, ISO 27001, and relevant global frameworks preferred.

Ability to understand, interpret, and align requirements to corresponding IT policies and related content.

Strong negotiation, facilitation and consensus building skills; ability to present to senior contributors and management.

About UsAt Liberty Mutual, our purpose is to help people embrace today and confidently pursue tomorrow. That's why we provide an environment focused on openness, inclusion, trust and respect.

Here, you'll discover our expansive range of roles, and a workplace where we aim to help turn your passion into a rewarding profession.

We were also selected as one of the "100 Best Places to Work in IT" on IDG's Insider Pro and Computerworld's 2020 list.

For many years running, we have been named by Forbes as one of America's Best Employers for Women and one of America's Best Employers for New Graduates as well as one of America's Best Employers for Diversity.

To learn more about our commitment to diversity and inclusion please visit:

We will not tolerate discrimination on the basis of race, color, national origin, sex, sexual orientation, gender identity, religion, age, disability, veteran's status, pregnancy, genetic information or on any basis prohibited by federal, state or local law.