Information Security Architect

Built on meritocracy, our unique company culture rewards self-starters and those who are committed to doing what is best for our customers.

It's an exciting time to join Brown & Brown! Our business is growing both in North America and internationally which emphasizes the need to build an unparalleled team that promotes future growth.

We're excited to continue solidifying that foundation as we are looking for a Security Architect to join our growing team.

The Security Architect will identify, evaluate and implement new technologies to improve the organization’s capability of identity, protection, detection, response, and recovery, modeling security architecture for standardized solutions in a zero-trust environment.

Who We Are : Brown & Brown, Inc. is a growing global insurance brokerage firm delivering risk management solutions and services since 1939.

Our unique culture is built on honestly, integrity, innovation and discipline and defines who we are and how we treat our customers, teammates and the communities we serve.

We think of ourselves as a team, so we have teammates not employees. We prioritize health, family, and business in that order.

We embrace and celebrate diversity, always striving to be an inclusive place where you have the power to be yourself. Traded on the New York Stock Exchange as BRO, Brown & Brown is a big company that doesn’t act like one.

Who We Are Looking For : We are looking for passionate team players who believe in working hard and having fun in a collaborative environment.

Our team is customer-focused and values the importance of strong relationships, professionalism, and trust. We embrace solutions-oriented big thinkers who are committed to results and aren’t afraid to take risks.

We are driven to set goals high and aim even higher.

General Responsibilities :

• Model the enterprise architecture to map and communicate risk
• Track technology architecture alignment with business criticality and value
• Monitor application and technology lifecycle risk
• Identify opportunities for application and technology rationalization
• Participate in change review board
• Review and update polices and evaluate exception requests
• Evaluate plans and procedures for system resiliency, disaster recovery and business continuity
• Develop security standards and reference models
• Lead and support information security projects by researching, documenting, and implementing security solutions
• Select, develop, and manage the implementation of systems, tools, and processes that will keep the firm at the leading edge of security which includes a continually evolving inventory of gaps to be mitigated and formulation of a proactive strategy to evaluate and implement mitigating technologies
• Project team member and key player in the deployment of the firms MSSP
• Work with our industry partners to communicate our approach to security and develop programs to establish typical industry security audit reports (SOC 2, etc.)
• A strong security posture in direct interaction with (DevOps team) deployment orchestration, automation, and security configuration management
• Assists in risk assessment and action plan to increase the security posture of the firm
• Lead assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes (secure software development, application security, data protection, cryptography, key management, identity and access management, network security) within SaaS, IaaS, PaaS in cloud environments
• Continuously remain current on emerging security threats and technologies
• Leverage firms’ threat intelligence sources & partners to maintain an understanding of emerging security threats and advanced threat actor’s capabilities
• Support, maintain and enhance firm’s Orchestration and Automation platform
• Serve as the security subject-matter expert on technical questions and mentor junior analysts
• Integrate threat intelligence feeds and sources with firm’s security monitoring infrastructure
• Design, develop and deploy automation playbooks for automated incident response investigations
• Identify, procure and prototype new solutions designed to prevent, detect, and respond to threats
• Track technology architecture, align with business criticality and value, evaluate resiliency, application and device rationalization and lifecycles, disaster recovery

Required Qualifications :

• Microsoft Certified : Azure Security Engineer Associate
• Demonstrated Microsoft cloud security architecture experience
• 3-5+ years in a hands-on technical role in information security supporting a large organization
• B.S. in Computer Science or Engineering or similar technical program or equivalent experience
• At least one active security certification : CEH, OSCP, CPTE, CISM, CISSP or related other technology certifications desired
• Proven experience in Cyber Security Frameworks such as NIST CSF and associated security controls
• Expert knowledge of security principals and relevant technologies and vendors
• Leadership experience managing projects being a key liaison with internal and external partners

What we offer :

• Excellent growth and advancement opportunities
• Competitive pay based on experience
• Discretionary Time Off (DTO)
• Generous benefits package : health, dental, vision, 401(k), etc.
• Employee Stock Purchase Plan
• Tuition Reimbursement and Student Loan Repayment Assistance
• Mental Health Resources

We are an Equal Opportunity Employer. We take pride in the diversity of our team and seek diversity in our applicants.