Director of IT Security Operations at Liberty Mutual
Greater Boston Area
- Current
-
- Director of IT Security Operations at Liberty Mutual
- Director of IT Security & Compliance at Liberty Mutual Insurance / Safeco Insurance
- Contributing Author at SecurityFocus (Symantec)
- Past
-
- Manager, IT Security at Johnson & Johnson
- Manager, Enterprise Computing at Johnson & Johnson
- Enterprise Consultant/Engineering Manager at Netera
- Education
-
- University of Illinois at Urbana-Champaign
- University of Scranton
- Recommended
-
4 people have recommended Bob - Connections
-
235
connections
- Industry
- Information Technology and Services
- Websites
Bob Rudis’s Summary
Senior IT security & compliance executive with in-depth knowledge of the healthcare/pharmaceutical and insurance/financial services sectors and extensive experience developing and directing a broad range of global IT initiatives while using a risk-based approach to planning and implementing information security policies/solutions in direct support of business objectives.
Bob Rudis’s Specialties:
IT security architecture, policy, development & incident response. Compliance (SOX, HIPAA, PII, PCI). Internal IT Audit. OS X. Windows 2000, XP, 2003, Vista. Perl, Python, C. WIndows & Unix programming & scripting. Open source (F/OSS). Firewalls & proxy servers. PKI infrastructure development. Web development.
Bob Rudis’s Experience
-
Director of IT Security Operations
Liberty Mutual
(Privately Held; LMG; Insurance industry)
January 2009 — Present (11 months)
-
Director of IT Security & Compliance
Liberty Mutual Insurance / Safeco Insurance
(Public Company; 10,001 or more employees; Insurance industry)
July 2007 — Present (2 years 5 months)
Translate business information requirements, IT configuration, information risk action plans and information security culture into an overall IT security plan, implemented in security policies/procedures together with appropriate investments in services, personnel, software and hardware.
Develop and maintain the overall IT risk management plan
Develop and maintain appropriate security & compliance-related policies in alignment with overall corporate policies.
Internal IT audit & external/third-party audit liaison.
Evaluate the completeness and effectiveness of IT internal controls over processes, policies and contracts.
Conduct internal &business partner control/technology assessments.
Identify local and international legal, contractual, policy and regulatory requirements related to information service delivery —i ncluding third-party services — and the IT organization, processes and infrastructure. -
Contributing Author
SecurityFocus (Symantec)
(Public Company; 5001-10,000 employees; Information Technology and Services industry)
January 2003 — Present (6 years 11 months)
Contributing technical security author to SecurityFocus in the areas of systems and network security.
List of articles available via:
http://search.securityfocus.com/swsearch?sbm=%2F&metaname=alldoc&query=rudis&x=0&y=0 -
Manager, IT Security
Johnson & Johnson
(Public Company; 10,001 or more employees; JNJ; Pharmaceuticals industry)
November 1998 — July 2007 (8 years 9 months)
All aspects of IT security in an Enterprise with a focus on Windows and wireless technologies. Large-scale, global team project work in handheld security, Windows 2000, Windows 2003, Windows XP, Windows Vista/Longhorn, policy development, firewalls, IDS/IPS and other network/system security components.
-
Manager, Enterprise Computing
Johnson & Johnson
(Public Company; 10,001 or more employees; JNJ; Pharmaceuticals industry)
November 1998 — October 2003 (5 years )
Enterprise Unix platform development (operating systems, software, processes) including large-scale systems (Sun/HP) and web environments
-
Enterprise Consultant/Engineering Manager
Netera
(Privately Held; 51-200 employees; Information Technology and Services industry)
September 1995 — November 1998 (3 years 3 months)
Provided Unix, Windows and IT Security consulting and engineering services to Fortune 500 clients including Ernst & Young, Brother International, Bristol-Myers and Johnson & Johnson.
E&Y: Designed and implemented largest SecurID deployment on record (at that time, 40,000). Designed and developed custom RADIUS SecurID authentication module for open source RADIUS server.
J&J: Part of design and implementation team for first generation Internet access and hosting infrastructure. Developed firewall solution (CheckPoint/Solaris), secure web hosting services (Netscape web server), and authenticated access infrastructure (Netscape Proxy + open source SOCKS5).
Brother/Bristol-Myers: Firewall/general security consulting
Netera: Managed engineering team including assignments, reviews, hiring and training
Bob Rudis’s Education
-
University of Illinois at Urbana-Champaign
M.S. , Computer Science , 2007 — 2009
-
University of Scranton
B.S. , Computer Science , 1986 — 1990
- Activities and Societies:
- ACM President
Computer Science Newsletter Editor
Additional Information
Bob Rudis’s Websites:
Bob Rudis’s Interests:
running, cycling, hiking, camping, cooking, RPG/FPS video games, Settlers of Catan board game, sci-fi, reading, gadgets
Bob Rudis’s Groups:
IEEE
CISSP
ISSA
ISACA, Twitter
-
Certified Information Systems Security Professionals (CISSP) -
Security Crew -
Information Systems Security Association (ISSA) -
Information Security Community -
ISACA Professionals -
Johnson & Johnson (re)connected (9,500+ Members!) -
IT Security and Audit Professionals -
Mac Developer Jobs -
Cocoa and Cocoa Touch Developers -
Safeco Alumni Network -
Security Twits -
Opensource Startups -
Fans of Digsby -
Open Security Exchange -
Enterprise Network Security -
Gartner Business Intelligence (Xchange)
Bob Rudis’s Contact Settings
Interested In:
- career opportunities
- consulting offers
- job inquiries
- expertise requests
- reference requests
- getting back in touch
