I am...

About the Role

Our client, a leader in technology-enabled healthcare services, is seeking a Senior Information Security Engineer to take ownership of the security infrastructure, focusing on system protection, compliance, and operational security. This hands-on role is 80% focused on implementing and managing security technologies and 20% on compliance and documentation. The position will involve working at the system and shell level in AWS environments and configuring a range of security controls to ensure robust protection.

• Design, implement, and maintain security measures, tools, and frameworks to protect systems and sensitive data.
• Install, configure, and manage security controls such as firewalls, vulnerability scanners, anti-DDoS solutions, anti-malware, IAM systems, and intrusion detection systems in AWS environments.
• Execute shell-level commands and manage server configurations in AWS for optimal security operations.
• Monitor infrastructure for potential threats, conduct incident response, and ensure business continuity through disaster recovery planning.
• Lead compliance initiatives with frameworks like SOC 2, HITRUST, and HIPAA, including audit support, documentation, and process development.
• Perform risk evaluations, vulnerability assessments, and regular security audits to strengthen overall security posture.
• Collaborate with cross-functional teams to align security policies and technical requirements with broader business goals.

Technical Expertise:

• 3-5 years of hands-on experience in security engineering, including deploying and managing tools like IAM, SIEM, firewalls, anti-malware, and vulnerability scanning systems.
• Strong ability to configure, manage, and maintain security technologies in AWS and enterprise environments.
• Experience executing shell-level commands and working within cloud platforms, particularly AWS.

Compliance Knowledge:

• Familiarity with SOC 2, HITRUST, and HIPAA frameworks, with demonstrated experience contributing to audits and implementing compliance processes.
• Strong documentation skills for developing policies, procedures, and security configurations.

Problem-Solving Skills:

• Proven success in identifying, remediating, and preventing security threats while minimizing operational disruptions.

Education and Certifications:

• Bachelor’s degree in Cybersecurity, Information Technology, or a related field (preferred).
• Relevant certifications such as CISSP, CISM, or AWS Security Specialty are a strong plus.

Benefits:

• Competitive Salary: $100,000 - $120,000 annually.
• Growth Opportunities: Work with cutting-edge security technologies in a fast-growing organization.
• Supportive Culture: Collaborative team environment with a focus on professional development.
• Flexible Work Environment: Remote role (onshore candidates only).

Ready to Secure the Future?

Apply now to become a pivotal part of a high-performing security team, managing cutting-edge technologies and critical compliance efforts in a dynamic healthcare technology environment.

Company Description

At Brightspeed, we are reimagining how people live, work, play and connect by providing fast, reliable internet connections and an awesome customer experience in twenty states throughout the Midwest and South.

Backed by funds managed by Apollo Global Management, our vision is to accelerate the upgrade of copper to fiber optic technologies, bringing faster and more reliable internet service to many rural markets traditionally underserved by broadband providers, while delivering best-in-class customer experience.

Be a part of the team that will make this vision a reality….designing and building a world class fiber network and creating a customer experience second to none.

Check us out on the web!

• Security Strategy Development: Develop, implement, and refine security strategies for key tools and processes, ensuring alignment with organizational goals and cybersecurity best practices.
• Collaboration and Partnership: Work closely with the Enterprise Cyber Security & IT Infrastructure teams to align on security policies, control frameworks, and compliance requirements, ensuring robust security posture across the IT infrastructure.
• Risk Management and Threat Assessment: Identify and assess potential security risks within IT infrastructure systems, proactively addressing vulnerabilities and implementing threat mitigation strategies.
• Team Leadership: Lead and mentor a team of infrastructure security professionals, fostering a culture of continuous learning, excellence, and security-first mindset.
• Policy Enforcement and Compliance: Ensure all infrastructure security measures adhere to established security policies, regulatory requirements, and industry standards.
• Incident Response and Management: Oversee the incident response process for infrastructure security, collaborating with the Cyber Security team to manage and mitigate security incidents effectively.
• Technology Evaluation and Integration: Evaluate and implement advanced security technologies, that enhance infrastructure security and support a modern IT environment. Drive full implementation and value out of product sets.

Required Qualifications:

• Education: Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field.
• Experience: 10+ years of experience in IT Infrastructure Security, with a minimum of 5 years in a leadership or director-level role.
• Leadership Skills: Proven experience managing and developing high-performing security teams.
• Collaboration: Strong ability to work cross-functionally, especially with Enterprise Cyber Security, Compliance, and IT teams to deliver a cohesive security strategy.
• Analytical Skills: Ability to analyze complex security issues, assess risk, and develop effective mitigation strategies.

Preferred Qualifications:

• Advanced degrees or relevant certifications (e.g., CISSP, CISM) are a plus.
• Cloud Security: Knowledge of securing cloud platforms (AWS, Azure, GCP).
• Incident Response: Experience with forensic tools, malware analysis, and incident mitigation.
• Operating Systems: Experience with Linux, Windows, and Kubernetes, including system hardening techniques.
• Networking Knowledge: Strong understanding of TCP/IP, DNS, firewalls, VPNs, and network protocols.

Additional Information

WHY JOIN US?

We aspire to contemporary ways of working.

Recognized as a Top Workplace by the Charlotte Observer, Brightspeed HQ is located on the 7th floor of the new Vantage South End - East Tower in Charlotte, NC. We prioritize hiring talent in the Charlotte area, whenever possible, to make it a truly vibrant destination for our hybrid workforce. At Brightspeed, we have roles that are designated as remote, hybrid, office or field-based, depending on the position, business needs and individual circumstances. We also invest in technology that enables our entire team to stay connected. Why? Because Brightspeed recognizes the value of finding the best talent for the job, wherever they may be.

We offer competitive compensation and comprehensive benefits.

Our benefits and paid time off programs reflect our underlying belief in promoting overall wellness through physical, emotional and financial health. Brightspeed offers a comprehensive benefit program, including competitive medical, dental, vision, and life insurance; an employee assistance program; a 401K plan with company match and a host of voluntary benefits.

Diversity, equity and inclusion are at the center of our grounding belief in Being Real.

When we bring our authentic selves to work, everyone is better as a result. A diverse team helps us be fierce advocates for more accessible, inclusive and high-quality internet, because we believe doing so promotes equity in the communities we serve.

Brightspeed is an Equal Opportunity Employer/Veterans/Disabled

For all applicants, please take a moment to review our Privacy Notices:

• Brightspeed’s Privacy Notice for California Residents
• Brightspeed’s Privacy Notice

Summary Information about the Role

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

• Establish oversight of information security events and incidents and communicate analysis, containment and remediation efforts to all business partners.
• Incident response and recovery plans will be available to use and should be maintained by the team. Any issues that require management escalation will be expected to be completed in a timely manner including all appropriate information in relation to risk and action times.
• The Incident Manager will be expected to provide status updates and post-incident reports for executives and stakeholders in non-technical terms encompassing risk, impact, likelihood, containment and remediation activities and threat actors.
• Risk management including briefing and recommending actions to executive leadership within Global Information Security and other business partners on events and incidents

Required Qualifications:

• 3+ years of professional Information Security or Information Technology experience
• Proven experience handling Information Security related events and incidents
• Security+ or equivalent certification required within six months of employment
• Experience in an operations focused role with an emphasis on incident response
• Demonstrable experience in the coordination of containment activities related to cyber security incidents
• Familiarity with security vulnerabilities exploits and APT tools, techniques and procedures
• To be an excellent written and oral communicator who can adapt to their audience
• To be decisive and can make difficult decisions in what can be a high pressure environment
• Exercise independent judgment in methods, techniques and evaluation criteria for obtaining results
• Able to handle multiple competing priorities in a fast-paced environment and take action without causing an undue delay

Preferred Qualifications:

• Familiarity with network security vulnerabilities, exploits, malware and digital forensics desirable
• Supportive and can work well as part of a team as well as independently
• Can remain calm under pressure
• Ability to work in a strong team-orientated environment with a sense of urgency and resilience
• Must be able to think outside the box and develop solutions to accomplish seemingly impossible tasks while remaining risk and objective focused

*The incident manager will be part of a global 24/7 rotation and there is a requirement to work 8-10 weekends per year on an on-call basis as a primary contact. There will also be a requirement to cover the EMEA & APAC holidays.

Shift:

1st shift (United States of America)

Hours Per Week: 40