IT Security Analyst II

Req Id:  3041
Job Location: Charlotte, NC, US, 28277

Brighthouse Financial is on a mission to help people achieve financial security. As one of the largest providers of annuities and life insurance in the U.S., we specialize in products designed to help people protect what they’ve earned and ensure it lasts. We are built on a foundation of experience and knowledge, which allows us to keep our promises and provide the value they deserve.


At Brighthouse Financial, we’re fostering a culture where diverse backgrounds and experiences are celebrated, and different ideas are heard and respected. We believe that by creating an inclusive workplace, we’re better able to attract and retain our talent, provide valuable solutions that meet the needs of our advisors and their clients, and deliver on our mission of helping more people achieve financial security. We’re seeking a passionate, high-performing team member to join us. Sound like you? Read on.


How This Role Contributes to Brighthouse Financial:

Our IT Security / BCP team is looking for a strong IT Security Analyst II to monitor network security systems and identify potential cybersecurity threats. Reporting into the Leader of Cybersecurity Technology, the IT Security Analyst will be part of the Computer Security Incident Response Team (CSIRT) that leverages multiple security technologies and resources to identify, investigate and respond to cybersecurity threats facing BHF’s SaaS cloud environment.


The IT Security Analyst II will be responsible for daily cybersecurity activities and serve as the primary responder for Tier 3 incident reporting to the Brighthouse Security Operations Center (SOC). Additionally, you will support ad-hoc technical investigations, drive process improvement and support new threat detection capabilities.


Work Location:

To protect the health and safety of our employees, our offices are closed until at least September 2021. When our offices reopen, our preference is that the individual hired for this role be based in our Charlotte, NC office. However, we are considering fully remote employees.


Key Responsibilities:

  • Monitor and identify cybersecurity / information technology related incidents that involve enterprise systems and data including personally identifiable information (PII). 
  • Detect, investigate and report cybersecurity incidents. 
  • Maintain and enhance the vulnerability testing and remediation process.
  • Create cybersecurity reporting metrics, dashboards and scorecards.
  • Help improve the overall security posture by independently verifying the security of enterprise systems, and ensure the timely dissemination of security information to the appropriate stakeholders.
  • Analyze firewall logs, Full Packet Capture (PCAP), IDS alerts, Anti-malware alerts, Host Intrusion Prevention System (HIPS), and server and application logs to investigate events and incidents for anomalous activity and produce reports of findings.
  • Collaborate with SaaS support partners to ensure processes and controls are operating as designed.
  • Work with SaaS support partners to provide effective incident response (IR).
  • Conduct reviews and analysis of proxy logs, Microsoft Windows and Active Directory logs, Orchestrator logs, and malicious code to identify, contain, eradicate, and ensure recovery from incidents. 
  • Develop and maintain playbooks to help analysts respond to cyber threats. 
  • Provide guidance and leadership for on-site investigations and forensics.
  • Maintain chain of custody in accordance with incident handling procedures and in compliance with NYDFS and other applicable regulations and frameworks. 
  • Collaborate across organizational lines through participation in regular IR working group sessions. 
  • Develop advanced runbooks and automation based on reporting and response measurements.
  • Support data protection tools, processes and Managed Security Service Providers.
  • Monitor security threat feeds, articles, and reports to remain up to date on the latest security risks, threats, and technology trends.


Essential Business Experience and Technical Skills:

  • Bachelor's degree or equivalent experience.
  • Excellent verbal and written communication skills.
  • Knowledge and understanding of cybersecurity industry best practices.
  • Knowledge of SaaS cloud security and services including O365 and Azure.
  • Knowledge and understanding of vulnerability identification, remediation and reporting.
  • Knowledge of the NIST and MITRE ATT&CK frameworks.
  • Knowledge of and experience with security threat detection and endpoint security.


Preferred Information Security Certifications:

  • Security+
  • CEH - Certified Ethical Hacker
  • ECIH - Certified Incident Handler
  • EC Council Certified Security Analyst


Our Benefits:

  • Time Off: Minimum of 20 days of paid time off and 13 paid company holidays per full calendar year, plus paid volunteer time
  • Financial Benefits: 401(k) savings plan with up to a 6% annual match and 3% annual company nondiscretionary contribution of eligible compensation, annual incentive plan, and employee stock purchase plan
  • Family Focus: Up to 16 weeks of paid leave for new parents, back-up care program, dependent care flexible spending account, and adoption and surrogacy assistance
  • Health and Welfare: Competitive medical, vision and dental plans, plus tax-free health savings accounts with potential company contributions up to $1,000 per family
  • Wellness Programs: Wellness incentive platform, employee assistance program, financial counseling services, fitness center discounts and more
  • Life & Disability Benefits: Company-paid basic life insurance and short-term disability



Less than 5%


Number of Openings:



Nearest Major Market: Charlotte

Job Segment: Information Security, Technology