Security Architect

Built on meritocracy, our unique company culture rewards self-starters and those who are committed to doing what is best for our customers.

It's an exciting time to join Brown & Brown! Our business is growing both in North America and internationally which emphasizes the need to build an unparalleled team that promotes future growth.

We're excited to continue solidifying that foundation as we are looking for a Security Architect to join our growing team.

The Security Architect will identify, evaluate and implement new technologies to improve the organization’s capability of identity, protection, detection, response, and recovery, modeling security architecture for standardized solutions in a zero-trust environment

Who We Are : Brown & Brown, Inc. is a growing global insurance brokerage firm delivering risk management solutions and services since 1939.

Our unique culture is built on honestly, integrity, innovation and discipline and defines who we are and how we treat our customers, teammates and the communities we serve.

We think of ourselves as a team, so we have teammates not employees. We prioritize health, family, and business in that order.

We embrace and celebrate diversity, always striving to be an inclusive place where you have the power to be yourself. Traded on the New York Stock Exchange as BRO, Brown & Brown is a big company that doesn’t act like one.

Who We Are Looking For : We are looking for passionate team players who believe in working hard and having fun in a collaborative environment.

Our team is customer-focused and values the importance of strong relationships, professionalism, and trust. We embrace solutions-oriented big thinkers who are committed to results and aren’t afraid to take risks.

We are driven to set goals high and aim even higher.

General Responsibilities :

Model the enterprise architecture to map and communicate risk

Track technology architecture alignment with business criticality and value

Monitor application and technology lifecycle risk

Identify opportunities for application and technology rationalization

Participate in change review board

Review and update polices and evaluate exception requests

Evaluate plans and procedures for system resiliency, disaster recovery and business continuity

Develop security standards and reference models

Lead and support information security projects by researching, documenting, and implementing security solutions

Select, develop, and manage the implementation of systems, tools, and processes that will keep the firm at the leading edge of security which includes a continually evolving inventory of gaps to be mitigated and formulation of a proactive strategy to evaluate and implement mitigating technologies

Project team member and key player in the deployment of the firms MSSP

Work with our industry partners to communicate our approach to security and develop programs to establish typical industry security audit reports (SOC 2, etc.)

A strong security posture in direct interaction with (DevOps team) deployment orchestration, automation, and security configuration management

Assists in risk assessment and action plan to increase the security posture of the firm

Lead assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes (secure software development, application security, data protection, cryptography, key management, identity and access management, network security) within SaaS, IaaS, PaaS in cloud environments

Continuously remain current on emerging security threats and technologies

Leverage firms’ threat intelligence sources & partners to maintain an understanding of emerging security threats and advanced threat actor’s capabilities

Support, maintain and enhance firm’s Orchestration and Automation platform

Serve as the security subject-matter expert on technical questions and mentor junior analysts

Integrate threat intelligence feeds and sources with firm’s security monitoring infrastructure

Design, develop and deploy automation playbooks for automated incident response investigations

Identify, procure and prototype new solutions designed to prevent, detect, and respond to threats

Track technology architecture, align with business criticality and value, evaluate resiliency, application and device rationalization and lifecycles, disaster recovery

Required Qualifications :

Microsoft Certified : Azure Security Engineer Associate

Demonstrated Microsoft cloud security architecture experience

3-5+ years in a hands-on technical role in information security supporting a large organization

B.S. in Computer Science or Engineering or similar technical program or equivalent experience

At least one active security certification : CEH, OSCP, CPTE, CISM, CISSP or related other technology certifications desired

Proven experience in Cyber Security Frameworks such as NIST CSF and associated security controls

Expert knowledge of security principals and relevant technologies and vendors

Leadership experience managing projects being a key liaison with internal and external partners

What we offer :

Excellent growth and advancement opportunities

Competitive pay based on experience

Discretionary Time Off (DTO)

Generous benefits package : health, dental, vision, 401(k), etc.

Employee Stock Purchase Plan

Tuition Reimbursement and Student Loan Repayment Assistance

Mental Health Resources

We are an Equal Opportunity Employer. We take pride in the diversity of our team and seek diversity in our applicants.