Leader of Information Security Management - Brighthouse Financial
Location:
Charlotte , North Carolina
Posted:
July 11, 2017
Reference:
66163-en_US

Job Location: United States : North Carolina : Charlotte  

 

A candidate has been identified for this role.

 

Brighthouse Financial is a new company established by MetLife. We’re on a mission to help people achieve financial security. Built on a foundation of industry knowledge and experience, we specialize in offering essential annuity and life insurance products designed to help customers protect what they’ve earned and ensure it lasts more predictably. In an industry that often has a reputation for complexity, confusion, and cost, Brighthouse Financial is different. Our approach includes simplicity, transparency, and more value so customers can face the future with confidence.

 

Brighthouse Financial is seeking passionate, high-performing team members to help us carry out our mission and be part of an exciting journey toward improving the financial futures of our millions of customers. Sound like you? Read on.

 

 

Reporting to the Chief Information Security Officer (CISO) of Brighthouse Financial, the Leader of Security Incident Management & Operations (“AVP”) will have accountability for designing, optimizing and governing all functions associated with cyber incident detection, response and recovery along with operational accountability and oversight.

 

The scope of the “AVP” role includes establishment of a vision for security threat intelligence, security monitoring, incident management and inclusive of operational elements such as business continuity and disaster recovery. In terms of teaming, the AVP will lead a lean internal team that is supported by a leading Managed Service Provider (MSP) and other service providers.  The AVP will be responsible for the monitoring of company information assets across all platforms (technology platforms, cloud instances, data centers, and data and records storage) and physical sites associated with Brighthouse Financial.  This will include proper prioritization of backup and recovery mechanisms and regular testing of capabilities.

 

 

  • Ownership of the development and execution of the Information Security Incident, Security Monitoring and Recovery strategy. This includes:
    • Evaluation and interpretation industry leading practices (NIST, ISO, SANS, COBIT, CERT) and related compliance requirements (Legislative, Regulatory – SOX, NY-DFS, PCI, HIPPA, etc.).
    • Information security threat and vulnerability management, incident reporting, event management, event investigation and analysis, business continuity, and disaster recovery; forensic analysis, as needed
    • Ownership of the applicable information security project portfolio remediation inclusive of incident management and operational activities
    • As appropriate - ownership, management, support and supervision of information security assessments, audits and ongoing monitoring and engineering activities
  • Ensure that third party technology vendors are adhering to Brighthouse Financial’s relevant security standards and practices, and that they can provide evidence of regular testing against those standards.  In collaboration with Procurement, ensure relevant security standards are referenced in our contractual agreements.
  • Ownership of the relevant Information Security Architecture including all information security (technical, process) activities across domains of information security: access control, connectivity/communications, security operations, AD security, cryptography, resiliency, designs and models and event management. Partnering closely with the Chief Architect, ensure security reference architectures are incorporated into the overall technical architecture.
  • Support for Technology Strategic Initiatives including the application and infrastructure establishment and simplification, strategic change management, merger and acquisition activity, etc.
  • Measures and supporting evidence of operational efficiency and excellence

 

 

  • 10-15 years of broad technology experience in application development and infrastructure services with a strong record of success in managing information security.  Specific focus on resiliency / continuity planning, auditing and risk management preferred.  Should have experience managing complex information technology programs, preferably within the financial services or information security industries.
  • Intelligent and persuasive leader with good interpersonal, verbal and written communication and presentation skills.
  • Accomplished and effective change leader with people management responsibility and ability to implement and drive adoption of risk management programs as required for Brighthouse Financial. 
  • Manages across vendor sourced solutions and consultants, ensuring vendor performance and deliverables meet specifications.  Must direct members across the organization, ensuring alignment of resources across functions and matrix. Creative, innovative and thorough approach with the ability to operate autonomously.
  • Sound working knowledge of industry best practices (NIST, ISO, SANS, COBIT, CERT) and Legislative and Regulatory and Industry Compliance Requirements (Sox, PCI, HIPPA, etc.).
  • Bachelor’s degree and related field experience required, MBA or other advanced degree preferred.

 

 

  • Thinks Strategically – Sets direction aligned to the company’s strategy, applying external and global perspective to meet local and global needs.
  • Creates Partnerships – Authentically builds trusted relationships and collaborates across global, diverse and multi-functional teams to successfully drive business objectives.
  • Models our Values – Creates a culture that promotes the company’s values and standards through role modeling, accountability and ownership of decisions.
  • Drives Results – Sets aggressive goals and is accountable for continuously driving improved performance, leading change and ensuring high standards.

 

Technology

 

1

 

Brighthouse Financial is a proud equal opportunity/affirmative action employer committed to attracting, retaining, and maximizing the performance of a diverse and inclusive workforce. It is Brighthouse Financial's policy to ensure equal employment opportunity without discrimination or harassment based on race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, uniformed service member or veteran status, or any other characteristic protected by law.

 

For immediate consideration, click the Apply Now button. You will be directed to complete an on-line profile. Upon completion, you will receive an automated confirmation email verifying you have successfully applied to the job.

 

Brighthouse Financial is committed to providing reasonable accommodations to qualified individuals with disabilities. If you require a reasonable accommodation in order to complete an employment application, please contact our Employee Relations Department at 1-866-635-9230 or email bhfemployeerelations@brighthousefinancial.com. All other unrelated inquires will not be acknowledged.

66163


A little about us:
MetLife offers life insurance, disability income insurance, car insurance, employee benefits and more.

Know someone who would be interested in this job? Share it with your network.