Security Operations Leader

  • Competitive
  • Charlotte, NC, USA Charlotte NC US
  • Permanent, Full time
  • Brighthouse Financial, Inc.
  • 19 Jun 18 2018-06-19

Security Operations Leader

Brighthouse Financial is a new company established by MetLife. We're on a mission to help people achieve financial security. Built on a foundation of industry knowledge and experience, we specialize in offering essential annuity and life insurance products designed to help customers protect what they've earned and ensure it lasts more predictably. In an industry that often has a reputation for complexity, confusion, and cost, Brighthouse Financial is different. Our approach includes simplicity, transparency, and more value so customers can face the future with confidence.

Brighthouse Financial is seeking passionate, high-performing team members to help us carry out our mission and be part of an exciting journey toward improving the financial futures of our millions of customers. Sound like you? Read on.

Role Value Proposition:
We are looking for a Security Operations Lead to join our growing information security team. In this role the selected candidate will operate independently and as part of a team to provide defense and response control optimization of security operations. This position is both a governance and hands-on role in support of protecting the distributed cloud ecosystem. The candidate should have strong information security skillset and a deep understanding of cyber hacker attack methodologies and defensive counter strategies. This position will report directly to Assistant Vice President of Security Operations and Incident Response.

The Security Operations Lead will have accountability for day to day security technology operations, technology governance, control enablement, and tuning of traditional and cloud enable controls. This role will be responsible for the overall optimization of CASB, SIEM, Malware, Data Loss Prevention and perimeter defense controls with key solution providers. The selected candidate will also be tasked with providing key performance and operational metrics in support of security control expectations.

The scope of the Security Operations Lead role includes establishing a consistent and reliable operational security environment and a proactive security monitoring approach in support of best in performance and cost cloud-security model in accordance with leadership expectations and strategy objectives. This role will be an individual contributor that will be responsible for managing a dedicated Managed Security Service Provider (MSSP) team and other service provider personnel. The Security Operations Leader will also be responsible for the enablement of security controls across all company information assets and platforms (technology platforms, cloud instances and data centers) associated with Brighthouse Financial. This also includes making recommendations on control lifecycle prioritization and optimization of cyber-related control mechanisms and regular performance testing of existing and new capabilities.

Key Responsibilities:

  • Ownership of security controls and process in support of cyber-resilience. This includes: Unified Threat Management, CASB, SEIM, malware controls, data loss prevention technology controls, Cloud messaging anti-phishing and malware controls
  • Provide active monitoring and governance to ensure that third party technology providers adhere and align to Brighthouse Financials relevant security policies, standards and practices
  • Ownership of the relevant Information Security supporting control processes including all information security (technical, process) activities across domains of information security: access control, connectivity/communications, security operations, AD security, and event management
  • Support for Technology Strategic Initiatives including the application and infrastructure establishment and simplification, transparency and value
  • Measures and supporting evidence of operational efficiency and excellence

Essential Business Experience and Technical Skills:
  • Intelligent and persuasive manager with good interpersonal, verbal and written communication and presentation skills
  • 8 to 12 years of broad technology experience in operational security and infrastructure services with a strong record of success in managing information security. Specific focus on operational / cloud security technology management preferred. Should have experience managing complex information technology programs, preferably within the financial services or information security industries
  • Accomplished and effective change manager with people management responsibility and ability to implement and drive adoption of risk management programs as required for Brighthouse Financial
  • Manages across vendor sourced solutions and consultants, ensuring vendor performance and deliverables meet specifications. Must direct members across the organization, ensuring alignment of resources across functions and matrix. Creative, innovative and thorough approach with the ability to operate autonomously
  • Sound working knowledge of industry best practices (NIST, ISO, SANS, COBIT, CERT) and Legislative and Regulatory and Industry Compliance Requirements (Sox, PCI, HIPPA, etc.)
  • Bachelor's degree and/or related field experience required, security certifications highly preferred