Cyber Security Engineer
Boston, MA, United States
Who are we?
A strategic and trusted insurance partner, Berkshire Hathaway Specialty Insurance (BHSI), provides a broad range of commercial property, casualty and specialty insurance coverages and outstanding service to customers and brokers around the world. Part of Berkshire Hathaway’s insurance operations, we bring our solutions to market with our stellar brand name, top-rated balance sheet, and the expertise of our global team of professionals, who exude excellent capabilities and strong character.
We are a values-based organization where respect, integrity, excellence, collaboration, and passion define who we are and how we do business. We value diversity of backgrounds, experience, and perspectives and strive to foster an inclusive environment that enables all our team members to bring their best selves to work. We are one team committed to building a culture where every teammate has the opportunity to contribute and be recognized. Want to be part of the team building the finest property, casualty and specialty lines insurance company in the world?
Learn more about our unique culture and history.
Job Opportunity:
Berkshire Hathaway Specialty Insurance (BHSI) has an exciting opportunity for a mid-level Cyber Security Engineer with at least 3-5 years’ experience with Microsoft 365 or the Azure / Entra security suite to join, in office, their Boston, MA team. As a Cyber Security Engineer, you will have the ability to own and drive success for the team by taking an active role in the execution of our IT security solutions and integrations, while collaborating closely with both internal and external partners. In this newly created role, there is an opportunity for significant growth potential, and the ability to shape the evolution of the security roadmap while making impactful short-term contributions to an organization that places the utmost importance on “doing the right thing”.
Duties & Responsibilities:
Primary responsibilities will include managing the configuration of security solutions that protect the enterprise at the network, endpoint, and email vectors.
Works closely with our external managed security solution provider and SOC analysts to enhance security solutions to reduce malicious and suspicious activity based on security data analysis, review of the current threat landscape, and assessment/triage of security tickets.
Focus on tuning and configuration of Microsoft 365 and Azure security solutions to ensure new features are implemented, alerts are of high fidelity, and beneficial integrations are maintained with other security solutions.
Evaluate systems, the network, and data to determine necessary security protocols and measures, with the use of analysis tools such as KQL, PowerShell, and Microsoft analytics tools as well as industry leading tools and techniques.
Assists in the evaluation, development, implementation, and operationalization of enterprise security solutions, taking lead in ensuring security policies are supported.
Work with our global infrastructure team to analyze security threats and recommend technical infrastructure architecture changes to reduce risk.
Work with development teams in AWS, Azure, and other SaaS solutions to ensure deployments follow security policies and security coding practices, as well as mitigating risk to enterprise and customer data.
Be an escalation point and SME for junior engineers and analysts where Microsoft can support incident response.
Qualifications, Skills, and Experience: Have a ‘security mindset’ in examining and understanding the impact of business and infrastructure changes to the overall security posture both tactically and strategically.
At least three years’ experience as a Microsoft 365 and/or Azure security engineer. This would include proven competence with Conditional Access policies, Defender ATP, Intune polices, and other MSFT security modules.
Demonstrable experience with web application and API development standards, having provided hands on guidance, and assessment for risk, vulnerabilities, and remediation.
Additional hands-on experience in network management, SIEM management, data loss prevention, application security management, and Microsoft Sentinel is beneficial.
Able to prioritize operational and project tasks with the ability to pivot when the risk and impact has been escalated.
Microsoft Azure and/or industry specific security certifications would be a nice to have.
BHSI Offers A competitive package and exciting growth opportunities for career-oriented teammates.
A dynamic, actioned oriented, and thoughtful environment centered on always doing the right thing for our customers, teammates, and our other stakeholders.
A purposely non-bureaucratic organization that embraces simplicity over complexity and emphasizes individual excellence in a team framework.
NOTE: Compensation will be commensurate with experience. This job description is not intended to be all-inclusive. Team Member may perform other related duties as negotiated to meet the ongoing needs of the organization.