Principal IT Compliance Analyst
Company Name:
Liberty Mutual
Title: Principal IT Compliance Analyst
Location: NH-Portsmouth
Other Locations:
Advance your Information Technology (IT) career at Liberty Mutual Insurance - A Fortune 100 Company.
Liberty Mutual Insurance ranks 84th on the Fortune 100 list of largest corporations in the U.S. based on 2011 revenue. As of December 31, 2011, Liberty Mutual Insurance had $117.1 billion in consolidated assets, $99.3 billion in consolidated liabilities, and $34.7 billion in annual consolidated revenue. Liberty Mutual employs over 50,000 people worldwide in four Strategic Business Units (SBUs) and multiple corporate departments.
Liberty Mutual Information Technology is actively searching for an experienced Principal IT Compliance Analyst. In this role you will provide support and guidance to management in their assessment of the effectiveness of internal controls. S/he will be responsible for evidencing Sarbanes-Oxley, PCI, and Data Privacy & Protection compliance, including; design, scope, documentation, design effectiveness, testing and remediation. S/he will assist management in evaluating risks and designing and documenting controls, monitor for changes in the existing control environment, and coordinate with internal and external audit teams. S/he will identify and drive implementation of best practices for control design and improvement. In addition, you will participate in the evaluation, development, and implementation of security standards, procedures, controls, and guidelines for multiple platforms and diverse system environments (e.g. company-wide, distributed, client server systems, and e-applications).
Most importantly, you''ll be engaged in meaningful work for an organization that is committed to helping people live safer, more secure lives every day.
Responsibilities:
Participates in project-focused work regarding identity and access management best practices, separation of duties, least privilege authorization and authentication, multifactor authentication, directory systems.
Maintain a risk/control framework that accurately reflects the IT control environment and alignment to the Information Security Policy and standards.
Assist process owners and control owners in the preparation and on-going maintenance of control and process documentation (policies, procedures, narratives, control descriptions, and test plans)
Use risk assessment methodologies to identify residual risk and control strengthening opportunities.
Assist process owners and control owners in identifying gaps in control design and control operating effectiveness of IT general controls and related remediation measures.
Assist in identifying the opportunities for using automated computer assisted audit techniques as necessary to reduce resource impact.
Maintains an awareness of existing and proposed security standard setting groups, State and Federal legislation and regulations pertaining to information security and identifies regulatory changes that will affect information security policy, standards, procedures, controls, and recommends appropriate changes.
Qualifications:
BachelorEUR(TM)s Degree in Computer Science or a related discipline and typically 5-8 years of experience focused on information systems audit or an equivalent breadth of experience in information security, systems, and network technology.
Competency in the areas of IT general computer controls specifically in information security.
Working knowledge of IT auditing and compliance practices.
Thorough knowledge of general computer controls (GCC) related to operations, information security and change management of systems software, application source code, network, and system database technologies.
Able to independently evaluate the effectiveness of controls to prevent errors in financial reporting.
Working knowledge of Sarbanes Oxley, additionally knowledge of PCI and Data Privacy & Protection regulations desired.
Certified Information Systems Auditor (CISA) or PCI Qualified Security Assessor (QSA) desired.
General knowledge of Governance, Risk, Compliance (GRC) tool sets.
Understanding of the SSAE16 auditing standard (previously SAS70) desired.
Excellent communication and presentation skills.
Strong process documentation and reporting capabilities.
Self-motivated and self-directed.
Strong cross-functional team participant and collaborative approach to problem solving.
Prior project management experience.
Benefits:
We recognize that talented people are attracted to companies that provide competitive pay, comprehensive benefits packages and outstanding advancement opportunities. For this reason we offer a Comprehensive Benefits Plan that includes the following:
401K and Company paid pension plan
Medical coverage
Dental coverage
Paid time-off
Pay-for-Performance
Discounts on automobile and homeowner''s insurance
Discount fitness memberships
Flexible spending accounts
Tuition reimbursement
Vision care coverage
Work/Life resources
Credit Union membership
Employee and Dependent life insurance
Disability insurance
Long-term care insurance
Overview:
We believe strongly that commercial success can be achieved in a manner consistent with principles and ideals that bind us together as one company, that set us apart from our competitors, and that in the end will allow us to say we have succeeded commercially by doing the right thing the right way.
We believe that the Company''s success is inextricably linked to our employees'' satisfaction and success: satisfaction that they work for an industry leader committed to improving safety, satisfaction that they work for a company that does the right thing, and satisfaction that the company will reward them for their contributions and provide opportunities for personal growth and success.
We believe our employees take pride in knowing that they help people live safer more secure lives everyday.
Responsibility. What''s your policy?
Information TechnologyEstimated Salary: $20 to $28 per hour based on qualifications.
Liberty Mutual
Title: Principal IT Compliance Analyst
Location: NH-Portsmouth
Other Locations:
Advance your Information Technology (IT) career at Liberty Mutual Insurance - A Fortune 100 Company.
Liberty Mutual Insurance ranks 84th on the Fortune 100 list of largest corporations in the U.S. based on 2011 revenue. As of December 31, 2011, Liberty Mutual Insurance had $117.1 billion in consolidated assets, $99.3 billion in consolidated liabilities, and $34.7 billion in annual consolidated revenue. Liberty Mutual employs over 50,000 people worldwide in four Strategic Business Units (SBUs) and multiple corporate departments.
Liberty Mutual Information Technology is actively searching for an experienced Principal IT Compliance Analyst. In this role you will provide support and guidance to management in their assessment of the effectiveness of internal controls. S/he will be responsible for evidencing Sarbanes-Oxley, PCI, and Data Privacy & Protection compliance, including; design, scope, documentation, design effectiveness, testing and remediation. S/he will assist management in evaluating risks and designing and documenting controls, monitor for changes in the existing control environment, and coordinate with internal and external audit teams. S/he will identify and drive implementation of best practices for control design and improvement. In addition, you will participate in the evaluation, development, and implementation of security standards, procedures, controls, and guidelines for multiple platforms and diverse system environments (e.g. company-wide, distributed, client server systems, and e-applications).
Most importantly, you''ll be engaged in meaningful work for an organization that is committed to helping people live safer, more secure lives every day.
Responsibilities:
Participates in project-focused work regarding identity and access management best practices, separation of duties, least privilege authorization and authentication, multifactor authentication, directory systems.
Maintain a risk/control framework that accurately reflects the IT control environment and alignment to the Information Security Policy and standards.
Assist process owners and control owners in the preparation and on-going maintenance of control and process documentation (policies, procedures, narratives, control descriptions, and test plans)
Use risk assessment methodologies to identify residual risk and control strengthening opportunities.
Assist process owners and control owners in identifying gaps in control design and control operating effectiveness of IT general controls and related remediation measures.
Assist in identifying the opportunities for using automated computer assisted audit techniques as necessary to reduce resource impact.
Maintains an awareness of existing and proposed security standard setting groups, State and Federal legislation and regulations pertaining to information security and identifies regulatory changes that will affect information security policy, standards, procedures, controls, and recommends appropriate changes.
Qualifications:
BachelorEUR(TM)s Degree in Computer Science or a related discipline and typically 5-8 years of experience focused on information systems audit or an equivalent breadth of experience in information security, systems, and network technology.
Competency in the areas of IT general computer controls specifically in information security.
Working knowledge of IT auditing and compliance practices.
Thorough knowledge of general computer controls (GCC) related to operations, information security and change management of systems software, application source code, network, and system database technologies.
Able to independently evaluate the effectiveness of controls to prevent errors in financial reporting.
Working knowledge of Sarbanes Oxley, additionally knowledge of PCI and Data Privacy & Protection regulations desired.
Certified Information Systems Auditor (CISA) or PCI Qualified Security Assessor (QSA) desired.
General knowledge of Governance, Risk, Compliance (GRC) tool sets.
Understanding of the SSAE16 auditing standard (previously SAS70) desired.
Excellent communication and presentation skills.
Strong process documentation and reporting capabilities.
Self-motivated and self-directed.
Strong cross-functional team participant and collaborative approach to problem solving.
Prior project management experience.
Benefits:
We recognize that talented people are attracted to companies that provide competitive pay, comprehensive benefits packages and outstanding advancement opportunities. For this reason we offer a Comprehensive Benefits Plan that includes the following:
401K and Company paid pension plan
Medical coverage
Dental coverage
Paid time-off
Pay-for-Performance
Discounts on automobile and homeowner''s insurance
Discount fitness memberships
Flexible spending accounts
Tuition reimbursement
Vision care coverage
Work/Life resources
Credit Union membership
Employee and Dependent life insurance
Disability insurance
Long-term care insurance
Overview:
We believe strongly that commercial success can be achieved in a manner consistent with principles and ideals that bind us together as one company, that set us apart from our competitors, and that in the end will allow us to say we have succeeded commercially by doing the right thing the right way.
We believe that the Company''s success is inextricably linked to our employees'' satisfaction and success: satisfaction that they work for an industry leader committed to improving safety, satisfaction that they work for a company that does the right thing, and satisfaction that the company will reward them for their contributions and provide opportunities for personal growth and success.
We believe our employees take pride in knowing that they help people live safer more secure lives everyday.
Responsibility. What''s your policy?
Information TechnologyEstimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
