Principal GRC / Regulatory / Financial Complaince Engineer

We deliver our customers peace of mind every day by helping them protect what they value most. Our passion for placing the customer at the center of everything we do is driving a transformational shift at Liberty Mutual. Operating as a tech startup within a Fortune 100 company, we are leading a digital disruption that will redefine how people experience insurance. This role has a hybrid work schedule (2 days onsite) and we will only consider candidates based in Portsmouth, NH, Columbus, OH and Indianapolis, IN. The GRC (Governance, Risk and Compliance) team within the GCS organization is looking to add a Principal GRC / Regulatory / Financial Compliance Engineer to their team. This candidate will independently execute and assist others in the evaluation and reporting on the effectiveness of security and compliance controls as well as defining risk mitigation strategies in IT and business environments. As a Principal Cybersecurity Specialist in the Cybersecurity Regulatory Assessment space, you would be responsible for independently designing, executing, evolving, and optimizing our cybersecurity regulatory and contractual assessment programs. Responsibilities would include the coordination, analysis, management, and monitoring of various regulations and harmonizing them with our governing cybersecurity risk and compliance programs, practices, and frameworks. You will support the assurance programs responsible for evaluating the design of controls, identifying data sources and automation opportunities, testing controls, assisting with delivery, and reporting results of our cybersecurity regulatory and contractual requirements in addition to the issues management service for tracking, treatment plan consulting, progress reporting, and closure validation for findings that result from assessment and testing conducted by teams. You will work with stakeholders globally to build awareness, consult on regulatory impacts, implementation and execution of new solutions, understand impacts of new or deprecated technology and business processes, as well as identify and confirm remediation of issues to facilitate successful assessments. You must have the ability to understand, synthesize, and convey technology and security impacts to stakeholders at all levels of the organization, including management and our first line teams. You will collaborate across our organization and deliver results to internal and external partners, auditors, and regulators.