This job has expired, please see additional jobs below
Senior Information Security Analyst
Liberty Mutual
Portsmouth, NH, United States
Job Details - this job has expired, please see similar jobs below
Description
Senior Information Security Analyst
We deliver our customers peace of mind every day by helping them protect what they value most. Our passion for placing the customer at the center of everything we do is driving a transformational shift at Liberty Mutual. Operating as a tech startup within a Fortune 100 company, we are leading a digital disruption that will redefine how people experience insurance
Provides technical expertise and support to client, IT management, and staff in risk assessments, implementation and operational aspects of appropriate information security procedures and products. Participates in the evaluation, development and implementation of security standards, procedures and guidelines for multiple platforms and diverse system environments (e.g., cloud, on premise, and mobile). Coordinates implementing security best practices and the identification and resolution of complex information security problems with clients, development staff, information security and vendors. Receives general supervision from the Information Security Manager and is competent to work all phases of information security activities.
About the job:
• Identifies risks and/or areas for risk remediation and communicates these to IT Owners and management.
• Manages multiple risk assessments at one time and prioritizes daily work while reporting statuses to appropriate individuals.
• Consults with development teams on their proposals, conducts process analyses, reviews information security architectures, and provides security recommendations to the development teams.
• Works in conjunction with technical counterparts to remediate audit and security findings.
• Provides development teams with security resources and direct contacts (e.g. architecture team, identity team, third party risk management).
• Communicates with development teams on a regular basis to understand new technologies being introduced to the environment, understands updates and improvements to existing technologies, and provides best practice security recommendations.
• Maintains an awareness of existing and proposed security standard setting groups, State and Federal legislation, and regulations pertaining to information security. Identifies regulatory changes that will affect information security policy, standards and procedures, and recommends appropriate changes.
• Identifies process improvements and implements solutions to assist the risk mitigation process (e.g. automation or increased efficiency).
• Identify and execute on initiatives that may pose a security risk.
• Performs related duties as assigned or requested.
Desired skills:
• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related discipline and typically six or more years of experience in the security aspects relating to multiple platforms, operating systems, software, communications and network protocols or an equivalent combination of education and work experience.
• Requires a broad knowledge of information systems, access methodologies, and security procedures in order to work effectively with client and IT management, staff and vendors.
• Extensive knowledge of business operations required; familiarity with business objectives and strategies desired. Strong communication, negotiation and presentation skills required.
• CISSP, CRISC or CISA certification preferred.