Sr. Cloud Security Assurance Engineer Sr. Cloud Security Assurance Engineer …

Brighthouse Financial, Inc.
in Charlotte, NC, United States
Self Employed, Full time
Be the first to apply
Brighthouse Financial, Inc.
in Charlotte, NC, United States
Self Employed, Full time
Be the first to apply
Sr. Cloud Security Assurance Engineer
Brighthouse Financial is on a mission to help people achieve financial security. As one of the largest providers of annuities and life insurance in the U.S., we specialize in products designed to help people protect what they've earned and ensure it lasts. We are built on a foundation of experience and knowledge, which allows us to keep our promises and provide the value they deserve.

At Brighthouse Financial, we're fostering a culture where diverse backgrounds and experiences are celebrated, and different ideas are heard and respected. We believe that by creating an inclusive workplace, we're better able to attract and retain our talent, provide valuable solutions that meet the needs of our advisors and their clients, and deliver on our mission of helping more people achieve financial security. We're se eking passionate, high-performing team member to join us. Sound like you? Read on.

How This Role Contributes to Brighthouse Financial:
Reporting into the Head of Cyber Security Operations of Brighthouse Financial, the Sr. Security Engineer (SSE) Professional will be part of the Brighthouse Computer Security Operations team that is accountable for ensuring security systems and applications are delivered, maintained and hardened to maximize cyber security investments. This role will be responsible for overseeing endpoint, network, cloud and messaging technologies designed to identify, prevent, protect, comply, monitor and respond to everyday cyber-security threats facing Brighthouse's infrastructure, networks and connected cloud ecosystems.
The Sr. Security Engineer will be part of dynamic and matrixed team of security professionals that will be instrumental in maturing Brighthouse's next generation Security Operational model and Security Operations Center (SOC) technologies. The individual in this role will work as the primary security engineering resource to plan, implement, monitor and upgrade security technologies across the information security stack within the Brighthouse IT environment. He/she will be responsible for ensuring that the organization's data and systems are protected by the proper implementation of purpose-built security controls and related technology. This role will be accountable for testing and identifying network and system vulnerabilities for core and cloud connected systems.

This role will also play a key part in supporting incident response team activities by collaborating cyber related events. The Sr. Security Engineer will be a key member of the change advisory and architectural review boards and will also partner closely with Cyber Security, Data Protection, Enterprise Architecture and MSSP personnel.

Key Responsibilities:
  • Provide technical leadership and expertise with the deployment and maintenance of security systems and controls to support Brighthouse Financial systems and applications
  • Responsible for the planning, design, installation, maintenance and support of security control technologies including but not limited; unified threat managed firewalls, intrusion prevention & detection systems, enterprise endpoint detection and response, anti-virus and patching solutions, data leakage prevention, two-factor authentication, threat detection, vulnerability scanners, web-filtering, VPNs, cloud protections and messaging protection technologies
  • Collaborate with IT staff including Operations, Engineering and Enterprise Architecture and business units to assess risk and address security issues
  • Provide expertise and guidance surrounding cyber related issues while recommending solutions that mitigate and eliminate risk
  • Define security requirements and review systems to determine if they have been designed to comply with established security standards; develop new standards as necessary
  • Participate in forensics and post-mortem investigations of Information Security incidents while collaborating on investigative reporting
  • Ensure that controls are in place and managed properly to meet legal and regulatory compliance on all network and system infrastructures
  • Assist in the enforcement of security policies from planning, technology safeguards and remediation for data, software applications, systems including cloud connected infrastructure and systems
  • Ensure the development of and adherence to industry standards and best practices for all Information Security related systems and applications
  • Validate and tests security architecture and design solutions to produce detailed engineering specifications, recommend vendor technologies where applicable
  • Review and recommends the installation, modification or replacement of hardware or software components and any configuration changes that affect or baseline security risk posture
  • Lead InfoSec development, testing and assurance functions to ensure that projects are securely delivered and meet requirements
  • Build and maintain relationships with teams and third parties on security development and support issues
  • Be a member of the Security Incident Response Team, providing a high level of expertise in support of expedited problem resolution
  • Serve as key engineering support for in-house security systems and technology and MSSP supported technology and other reporting channels
  • Drive consistent operating system (server, endpoint, virtual) hardening, access configuration, upgrades, patching, logging and vulnerability resilience
  • Perform highly technical security technology control configuration reviews, recommend and apply (directly or through oversight)
  • Perform security gap assessments on in-place security deployments, make recommendations for continued cyber resilience hardening
  • Participate in review and approval of standards, conventions, solution architectures and other artifacts created by the Brighthouse Enterprise Architecture organization
  • Contribute to the business and technology drivers behind development of the Target State Architecture for the Security domain by working closely with Enterprise Architecture
  • Provide the next, deeper level of detail supporting the Security configurations for solution architectures which are developed by the Enterprise Architecture organization

Essential Business Experience and Technical Skills:
  • 7+ years' experience in cybersecurity, with a system and network security engineering background
  • Highly technical and analytical with a proven diverse IT and security background, preferred 5+ years supporting IT Operations, networking or system administration
  • Experience with security validation teaming to identify and remediate issues rapidly
  • Experience in cloud computing technologies, including software, infrastructure and platform-as-a-service, as well as public, private, and hybrid environments
  • Experience and successful in delivering vulnerability and penetration testing requirements
  • Experience managing SIEM systems, threat intelligence platforms, security automation and orchestration solutions, IDS/IPS, Cloud Access Security Brokers (CASB), data loss prevention (DLP) and other network and system monitoring tools
  • Experience with Microsoft Exchange and anti-spam technologies and protocols
  • Extensive expertise in developing and supporting complex security solutions is required
  • Previous Network Engineering or Systems Engineering background preferred
  • Experience using scripting languages to automate tasks and manipulate data; programming experience is a plus
  • System administration experience in a Windows, Linux and Unix environment
  • Experience securing web applications and a strong understanding of web application design, function, and Secure Software Development Lifecycle
  • Experience developing technical documents and procedures, topology maps and with various software applications
  • Ability to explain complex ideas and concepts to both a technical and nontechnical audience, both verbally and written
  • Solid understanding of security operations in interconnected cloud environments such as Azure, AWS, VMware and other SaaS environments
  • Strong understanding of cryptography, and how it should be applied to Brighthouse systems and applications
  • Ability to communicate and navigate across cross-functional teams and providers
  • Good understanding of cyber risk attack approaches (e.g. lateral movement, indicators of compromise, privilege escalation), indicator of compromises and persistent threats
  • Proven experience in supporting security operations and managing solutions for multiple business units and locations
  • Knowledge of laws, regulations, guidelines, and frameworks within the financial services industry that mandate information security and information risk management requirements such as NY-DFS, FFIEC, NIST, COBIT, ISO27001, GLBA, OCC Heightened Standards, etc.
  • Ability to effectively execute concurrent activities and maintain focus on key details during times of crisis and heightened pressure
  • Enjoys working in a growth-oriented, entrepreneurial, high-energy environment
  • Certification(s) preferred - Certified Information Systems Security Professional (CISSP)
  • Bachelor's degree in a relevant field (e.g., Information Systems, Business Administration, or related major).

Less than 10%