Built on meritocracy, our unique company culture rewards self-starters and those who are committed to doing what is best for our customers.
It's an exciting time to join Brown & Brown! Our business is growing both in North America and internationally which emphasizes the need to build an unparalleled team that promotes future growth. We're excited to continue solidifying that foundation as we are looking for a Security Architect to join our growing team.
The Security Architect will identify, evaluate and implement new technologies to improve the organization’s capability of identity, protection, detection, response, and recovery, modeling security architecture for standardized solutions in a zero-trust environment
Who We Are: Brown & Brown, Inc. is a growing global insurance brokerage firm delivering risk management solutions and services since 1939. Our unique culture is built on honestly, integrity, innovation and discipline and defines who we are and how we treat our customers, teammates and the communities we serve. We think of ourselves as a team, so we have teammates---not employees. We prioritize health, family, and business---in that order. We embrace and celebrate diversity, always striving to be an inclusive place where you have the power to be yourself. Traded on the New York Stock Exchange as BRO, Brown & Brown is a big company that doesn’t act like one.
Who We Are Looking For: We are looking for passionate team players who believe in working hard and having fun in a collaborative environment. Our team is customer-focused and values the importance of strong relationships, professionalism, and trust. We embrace solutions-oriented big thinkers who are committed to results and aren’t afraid to take risks. We are driven to set goals high and aim even higher.
General Responsibilities:
Model the enterprise architecture to map and communicate risk
Track technology architecture alignment with business criticality and value
Monitor application and technology lifecycle risk
Identify opportunities for application and technology rationalization
Participate in change review board
Review and update polices and evaluate exception requests
Evaluate plans and procedures for system resiliency, disaster recovery and business continuity
Develop security standards and reference models
Lead and support information security projects by researching, documenting, and implementing security solutions
Select, develop, and manage the implementation of systems, tools, and processes that will keep the firm at the leading edge of security which includes a continually evolving inventory of gaps to be mitigated and formulation of a proactive strategy to evaluate and implement mitigating technologies
Project team member and key player in the deployment of the firms MSSP
Work with our industry partners to communicate our approach to security and develop programs to establish typical industry security audit reports (SOC 2, etc.)
A strong security posture in direct interaction with (DevOps team) deployment orchestration, automation, and security configuration management
Assists in risk assessment and action plan to increase the security posture of the firm
Lead assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes (secure software development, application security, data protection, cryptography, key management, identity and access management, network security) within SaaS, IaaS, PaaS in cloud environments
Continuously remain current on emerging security threats and technologies
Leverage firms’ threat intelligence sources & partners to maintain an understanding of emerging security threats and advanced threat actor’s capabilities
Support, maintain and enhance firm’s Orchestration and Automation platform
Serve as the security subject-matter expert on technical questions and mentor junior analysts
Integrate threat intelligence feeds and sources with firm’s security monitoring infrastructure
Design, develop and deploy automation playbooks for automated incident response investigations
Identify, procure and prototype new solutions designed to prevent, detect, and respond to threats
Track technology architecture, align with business criticality and value, evaluate resiliency, application and device rationalization and lifecycles, disaster recovery
Required Qualifications:
Microsoft Certified: Azure Security Engineer Associate
Demonstrated Microsoft cloud security architecture experience
3-5+ years in a hands-on technical role in information security supporting a large organization
B.S. in Computer Science or Engineering or similar technical program or equivalent experience
At least one active security certification: CEH, OSCP, CPTE, CISM, CISSP or related other technology certifications desired
Proven experience in Cyber Security Frameworks such as NIST CSF and associated security controls
Expert knowledge of security principals and relevant technologies and vendors
Leadership experience managing projects being a key liaison with internal and external partners
What we offer:
Competitive pay based on experience
Discretionary Time Off (DTO)
Generous benefits package: health, dental, vision, 401(k), etc.
Employee Stock Purchase Plan
Tuition Reimbursement and Student Loan Repayment Assistance
Mental Health Resources
We are an Equal Opportunity Employer. We take pride in the diversity of our team and seek diversity in our applicants.
