Senior Engineer, Security Risk
Charlotte, NC, United States
Brightspeed
Discover Brightspeeds ultrafast fiber and broadband internet plans with no bundles, annual contracts, or data caps. Check availability today!Company Description
At Brightspeed, we are reimagining how people live, work, play and connect by providing fast, reliable internet connections and an awesome customer experience in twenty states throughout the Midwest and South.
Backed by funds managed by Apollo Global Management, our vision is to accelerate the upgrade of copper to fiber optic technologies, bringing faster and more reliable internet service to many rural markets traditionally underserved by broadband providers, while delivering best-in-class customer experience.
Be a part of the team that will make this vision a reality….designing and building a world class fiber network and creating a customer experience second to none.
Job Description
We are currently looking for a Senior Engineer, Security Risk to join our growing team! In order for you to be successful in this role, you will need to be a highly experienced technical cybersecurity professional. You will be responsible for identifying, assessing, and mitigating security risks across all Brightspeed systems, applications, networks, and infrastructure, often by designing and implementing robust security controls, conducting risk assessments, and providing expert guidance to other teams to minimize potential threats and ensure compliance with security standards. In this role, the candidate must have a deep understanding of security architecture, threat landscapes, and industry best practices to lead security initiatives.
As Senior Engineer, Security Risk, your duties and responsibilities will include:
- Lead security initiatives to improve and mature the security posture and compliance across all business units
- Own the logical and analytical process of identifying risk, assessing risk, and taking steps to reduce risk to an acceptable level
- Perform comprehensive risk assessments to identify vulnerabilities and potential threats across the organization's systems, applications, and networks
- Review system designs, application architectures, and code to identify security weaknesses and provide recommendations for improvement
- Collaborate with application development teams and review code for security issues, ensure the secure coding standards and best practices. Utilize static and dynamic analysis tools to assess the security posture of software code
- Create detailed threat models to understand potential attack vectors and prioritize security controls based on risk levels
- Design and implement security architectures to protect sensitive data, including access controls, encryption, and data protection mechanisms
- Identify critical vulnerabilities, and prioritizing remediation efforts and drive SLA
- Prepare and present risk assessment reports, security metrics, and executive summaries to stakeholders, including management, technical teams, and business units. Communicate complex security risks in a clear and concise manner
- Create and maintain security policies and procedures aligned with industry best practices and regulatory requirements
- Ensure adherence to relevant security regulations, industry standards, internal policies and standards, and data privacy laws
- Educate employees on security best practices and awareness of potential threats
- Guide and mentor security engineers and architects on security principles and practices
- Collaborate with internal stakeholders, including executive leadership, legal, compliance, IT, and Network teams, to ensure security risk management and governance strategies are integrated into business operations
Qualifications
WHAT IT TAKES TO CATCH OUR EYE:
- Bachelor’s Degree in Cyber Security, Computer Science, or directly related field
- 7+ years of experience in Cyber Security
- Excellent communication and collaboration skills, including the ability to effectively communicate security risk management and governance strategies to both technical and non-technical stakeholders
- Broad knowledge and experience in all eight cyber security domains
- Experience developing and implementing security policies, procedures, and standards
- Knowledge of relevant regulations and standards, such as NIST, SOX, and PCI
- 5+ years in a variety of telecommunications and IT roles
- Experience leading security risk assessments, threat modeling, developing risk treatment plans, and developing risk management frameworks
- Strong technical IT and Network background
BONUS POINTS FOR:
- Certified Information Security Systems Security Professional (CISSP) or Certified in Risk and Information Systems Control (CRISC)
- Strong understanding of Telecommunications and ISP networks
- Knowledge of secure coding practices and software development lifecycle (SDLC) security
#LI-SS1
Additional Information
WHY JOIN US?
We aspire to contemporary ways of working.
Recognized as a Top Workplace by the Charlotte Observer, Brightspeed HQ is located on the 7th floor of the new Vantage South End - East Tower in Charlotte, NC. We prioritize hiring talent in the Charlotte area, whenever possible, to make it a truly vibrant destination for our hybrid workforce. At Brightspeed, we have roles that are designated as remote, hybrid, office or field-based, depending on the position, business needs and individual circumstances. We also invest in technology that enables our entire team to stay connected. Why? Because Brightspeed recognizes the value of finding the best talent for the job, wherever they may be.
We offer competitive compensation and comprehensive benefits.
Our benefits and paid time off programs reflect our underlying belief in promoting overall wellness through physical, emotional and financial health. Brightspeed offers a comprehensive benefit program, including competitive medical, dental, vision, and life insurance; an employee assistance program; a 401K plan with company match and a host of voluntary benefits.
Diversity, equity and inclusion are at the center of our grounding belief in Being Real.
When we bring our authentic selves to work, everyone is better as a result. A diverse team helps us be fierce advocates for more accessible, inclusive and high-quality internet, because we believe doing so promotes equity in the communities we serve.
Brightspeed is an Equal Opportunity Employer/Veterans/Disabled
For all applicants, please take a moment to review our Privacy Notices:
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: CISSP Compliance Computer Science CRISC Encryption Governance NIST Privacy Risk assessment Risk Assessment Report Risk management SDLC SOX Vulnerabilities
Perks/benefits: 401(k) matching Career development Competitive pay Equity / stock options Flex vacation Health care Salary bonus Wellness
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.