Senior Information Security Analyst

Company Name:
Liberty Mutual
Title: Senior Information Security Analyst
Location: NH-Portsmouth
Other Locations:
Advance your Information Technology (IT) career at Liberty Mutual Insurance - A Fortune 100 Company.
At Liberty Mutual Insurance, doing the right thing is essential to all that we do. Our commitment to building and sustaining a talented and diverse workforce has helped us to become a global leader in property and casualty insurance. Our financial strength and profitability rely on the skills, knowledge, and creativity of more than 50,000 employees worldwide. As number 81 on Fortune Magazine's list of the 100 largest corporations in the U.S., we have the resources and training our employees need to drive our business forward and be successful in an ever-evolving, complex world.
Liberty Mutual Global Specialty IT, Information Security is actively searching for aSenior Information Security Analyst. Global Specialty IT provides support and operations for all global specialty lines including Liberty International Underwriters (LIU), Liberty Specialty Markets (LSM), Liberty Mutual Surety (LMS), and A&H (Accident and Health) across 19 countries, through one unified IT team.
In this position, you willyou will provide technical expertise and support to client, IT management and staff in risk assessments, implementation and operational aspects of appropriate information security procedures and products. Participates in the evaluation, development and implementation of security standards, procedures and guidelines for multiple platforms and diverse systems environment (e.g., company-wide, distributed, client server systems, and e-applications). Develops systems specifications, technical implementation plans and coordinates complex installation projects with clients, development staff, information security and vendors. Participates with vendors and other engineering units in the identification and resolution of complex information security problems and is competent to work all phases of information security activities.
Performs Active Directory access control and account administration of critical information resources following established procedures.
Performs administration and support of existing security products, including: Secret Server / CyberArk privileged identity management, intrusion detection/prevention software, Windows BitLocker PC encryption, Lumension Device Control application, RSA SecurID, email security, and Tenable Security Center network vulnerability scanner, IBM AppScan application vulnerability assessment scanner.
Participates in systems scanning and vulnerability strategies and testing protocols to achieve compliance with set standards. Develops and oversees remediation processes
Participates in the review, design, development, testing, documenting, implementing and maintenance of Information Security plans, products and controls.
Collaborates with application development area in secure code design.
Participates in computer security incidents as a member of the Computer Security Incident Response Team.
Understanding of International, Federal, State and Local Regulations pertaining to Information Security and data privacy.
Knowledge of industry best practice standards pertaining to Information Security and data privacy.
Participates in the identification and escalation of events which could affect information security policy, standards and procedures.
Performs testing of security controls as requested by management.
Participates in developing security education materials for Global Specialty, and presents materials as necessary to ensure effective communication and understanding by staff of what is expected of them.
Performs additional duties as assigned or requested.

Bachelor degree in Computer Science or a related discipline.

Six years experience in the security aspects relating to multiple platforms, operating systems, software, communications and network protocols or an equivalent combination of education and work experience.(CEH or CISSP certification Desired).

Experience with F5 ASM, Vormetric is desired.

Requires a broad knowledge of on-line systems, access methodologies, and security procedures in order to work effectively with client and IT management, staff and vendors.

Extensive knowledge of business operations required; familiarity with business objectives and strategies desired. Strong communication, negotiation and presentation skills required
We recognize that talented people are attracted to companies that provide competitive pay, comprehensive benefits packages and outstanding advancement opportunities. For this reason we offer a Comprehensive Benefits Plan that includes the following:
401K and Company paid pension plan
Medical coverage
Dental coverage
Paid time-off
Discounts on automobile and homeowner''s insurance
Discount fitness memberships
Flexible spending accounts
Tuition reimbursement
Vision care coverage
Work/Life resources
Credit Union membership
Employee and Dependent life insurance
Disability insurance
Accidental death & dismemberment insurance
We believe strongly that commercial success can be achieved in a manner consistent with principles and ideals that bind us together as one company, that set us apart from our competitors, and that in the end will allow us to say we have succeeded commercially by doing the right thing the right way.
We believe that the Company''s success is inextricably linked to our employees'' satisfaction and success: satisfaction that they work for an industry leader committed to improving safety, satisfaction that they work for a company that does the right thing, and satisfaction that the company will reward them for their contributions and provide opportunities for personal growth and success.
We believe our employees take pride in knowing that they help people live safer more secure lives every day.
Responsibility. What''s your policy?
Information Technology

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.