Share this Job

AVP Security Strategy & Architecture - Brighthouse Financial

Date Posted: Sep 7, 2017

Location: Charlotte, NC, US, 28277

Company: MetLife

Job Location: United States : North Carolina : Charlotte  

 

Brighthouse Financial is a new company established by MetLife. We’re on a mission to help people achieve financial security. Built on a foundation of industry knowledge and experience, we specialize in offering essential annuity and life insurance products designed to help customers protect what they’ve earned and ensure it lasts more predictably. In an industry that often has a reputation for complexity, confusion, and cost, Brighthouse Financial is different. Our approach includes simplicity, transparency, and more value so customers can face the future with confidence.

 

Brighthouse Financial is seeking passionate, high-performing team members to help us carry out our mission and be part of an exciting journey toward improving the financial futures of our millions of customers. Sound like you? Read on.

 

Role Value Proposition:

Reporting to the Chief Information Security Officer (CISO) of Brighthouse Financial, the Leader Security Strategy & Planning will have accountability for designing, operating and optimizing the Cybersecurity Strategy, Architecture and Planning functions.

The scope of the Leader role includes establishment of a vision for the security program, security architecture function, policies / standards and security awareness and training. In terms of teaming, the Leader will oversee a lean internal team that is supported by a leading Managed Service Provider (MSP) and other service providers.  The Leader will be responsible for defining security capabilities to protect company information assets that are supported by a strategy and capabilities roadmap.

 

Key Responsibilities:

  1. Ownership of the Information Security Strategy functions. This includes:
    • Demonstrate extensive knowledge of standards, industry leading practices, and sound judgment to establish an Information Security strategy and roadmap to guide the design, engineering and maturation of security services and solutions.
    • Demonstrate proficiency in cybersecurity related compliance requirements (SOX, NY-DFS, PCI, HIPPA, etc.).
    • Regularly partner with the business to understand their strategic objectives /goals, technology needs, and emerging trends
    • Ownership of the information security project portfolio inclusive of architecture and awareness activities
    • As appropriate support information security assessments and audits
  2. Ownership of the Information Security Architecture function. This includes:
    • Set overall cyber security architecture direction for the enterprise, to ensure consistency where practical
    • Define enterprise level cyber security measures and reference architecture patterns, and manage traceability between business strategy and cyber security
    • Work collaboratively with the Enterprise Architecture team to design and implement enterprise security capabilities into solution architecture
    • Serve as an escalation point for security architecture decisions that span multiple business divisions
    • Provide technical guidance for designing security capabilities in a cloud and traditional MSP/outsourced IT environment
  3. Metrics and reporting – an integral part of the cybersecurity program will be to measure performance by establishing key performance indicators (KPI) and key risk indicators (KRI) and supporting processes to report and socialize
  4. Together with the Director of IT Risk and Compliance design processes to measure and monitor that employees and third-party vendors are adhering to Brighthouse Financials’ relevant security policies and procedures
  5. Inculcate and foster a security risk aware culture through the development of a security awareness program with education, training and continuous communication
  6. Measures and supporting evidence for existing information security programs and projects
  7. Support for Strategic Initiatives including merger and acquisition activity, etc.

 

Essential Business Experience and Technical Skills:

  • Demonstrated success in implementing an Information Security Framework, solution and service, from design through engineering and implementation to reliable operation for a medium to large organization
  • Expertise in designing, monitoring and optimizing security measures to protect information assets (including IP and transaction processing systems) in cloud-based solutions (IaaS, PaaS, SaaS)
  • Experienced in designing and monitoring security services (e.g., security monitoring, access administration, data protection, etc.) by leveraging managed service provider (MSP) and cloud-based solutions
  • 12-15 years of broad technology experience in cybersecurity architecture, strategy, policy and awareness with a strong record of success in designing and managing information security programs.  .  Experience managing complex information technology programs, preferably within the financial services or other heavily regulated industries is a plus.
  • Intelligent and persuasive leader with excellent interpersonal, verbal and written communication skills.
  • Accomplished and effective change leader with people management skills and ability to implement and drive adoption of risk management programs. 
  • Experience in working with managed services providers (MSP)
  • Sound working knowledge of industry leading practices (ISO, NIST, SANS, COBIT, TOGAF, SABSA) and legislative / regulatory compliance requirements (SOX, PCI, HIPPA, NY-DFS, etc.).
  • Bachelor’s degree and related field required; Advanced degree in management or a related technical field is preferred.
  • Relevant security certification is desired (e.g., CISM, CISSP, SANS GSEC, CEH, etc.)

 

Leadership Competencies:

  • Thinks strategically – Sets direction aligned to the company’s business and security strategy, applying external and global perspective to meet our needs.
  • Creates partnerships – Authentically builds trusted relationships and collaborates across diverse and multi-functional internal and vendor teams to successfully drive business objectives.
  • Models our values – Creates a culture that promotes the company’s values and standards through role modeling, accountability and ownership of decisions.
  • Drives results – Sets aggressive goals and is accountable for continuously driving improved performance, leading change and ensuring high standards.

 

Travel

Up to 15%

 

Business Category

Information Technology

 

Brighthouse Financial is a proud equal opportunity/affirmative action employer committed to attracting, retaining, and maximizing the performance of a diverse and inclusive workforce. It is Brighthouse Financial's policy to ensure equal employment opportunity without discrimination or harassment based on race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, uniformed service member or veteran status, or any other characteristic protected by law.

 

For immediate consideration, click the Apply Now button. You will be directed to complete an on-line profile. Upon completion, you will receive an automated confirmation email verifying you have successfully applied to the job.

 

Brighthouse Financial is committed to providing reasonable accommodations to qualified individuals with disabilities. If you require a reasonable accommodation in order to complete an employment application, please contact our Employee Relations Department at 1-866-635-9230 or email bhfemployeerelations@brighthousefinancial.com. All other unrelated inquires will not be acknowledged.


Nearest Major Market: Charlotte