Cyber Security Engineer

Who are we?

A strategic and trusted insurance partner, Berkshire Hathaway Specialty Insurance (BHSI), provides a broad range of commercial property, casualty and specialty insurance coverages and outstanding service to customers and brokers around the world. Part of Berkshire Hathaway’s insurance operations, we bring our solutions to market with our stellar brand name, top-rated balance sheet, and the expertise of our global team of professionals, who exude excellent capabilities and strong character.

We are a values-based organization where respect, integrity, excellence, collaboration, and passion define who we are and how we do business. We value diversity of backgrounds, experience, and perspectives and strive to foster an inclusive environment that enables all our team members to bring their best selves to work. We are one team committed to building a culture where every teammate has the opportunity to contribute and be recognized. Want to be part of the team building the finest property, casualty and specialty lines insurance company in the world?

Learn more about our unique culture and history.

Job Opportunity:

Berkshire Hathaway Specialty Insurance (BHSI) is looking for a mid-level cybersecurity professional with at least 3-5 years’ experience with Microsoft M365 or Azure security suite to join, in office, their Boston, MA or Stevens Point, WI team. As a Cyber Security Engineer, you will have the ability to own and drive success for the team by taking an active role in the execution of our IT Security solutions and integrations, while collaborating closely with both internal and external partners. In this newly created role, there is an opportunity for significant growth potential, and the ability to shape the evolution of the security roadmap while making impactful short-term contributions to an organization that places the utmost importance on “doing the right thing”.

Duties & Responsibilities:

• Primary responsibilities will include managing the configuration of security solutions which protect the enterprise at the network, endpoint, and email vectors
• Works closely with our external Managed Security Solution provider and SOC analysts to enhance security solutions to reduce malicious and suspicious activity based on security data analysis, review of the current threat landscape, and assessment of security tickets.
• Focus on tuning and configuration of Microsoft M365 and Azure security solutions to ensure new features are implemented, alerts are of high fidelity, and beneficial integrations are maintained with other security solutions.
• Evaluate systems, network, and data to determine necessary security protocols and measures and the use of analysis tools such as tcpdump, Wireshark, Nmap and other useful tools
• Assists in the evaluation, development, implementation, and operationalization of enterprise security solutions, taking lead in ensuring security policies are supported
• Work with our global infrastructure team to analyze security threats and recommend technical infrastructure (architecture)changes to reduce risk.
• Work with development teams in AWS and Azure and other SAAS solutions to ensure deployments follow security policies, follow security coding practices, and mitigate risk to enterprise and customer data.
• Be an escalation point and SME for junior engineers and analysts where Microsoft can support incident response.

Qualifications, Skills and Experience:

• Have a ‘security mindset’ in examining and understanding the impact of business and infrastructure changes to the overall security posture both tactically and strategically
• At least three years’ experience as a MSFT M365 and/or Azure security engineer. This would include proven competence with Intune policies, conditional Access, Defender ATP, and other MSFT security modules.
• Demonstrable experience with web application and API development standards, have provided hands on guidance, and assessment for risk, vulnerabilities, and remediation.
• Be able to assess impacts of security and infrastructure changes to the overall security posture, provide recommendations, and complete remediation
• Additional hands-on experience in Network management, SIEM management, data loss prevention, Application Security Management, and Microsoft Azure AD beneficial
• Be able to prioritize operational and project tasks with the ability to pivot when the risk and impact has been escalated.
• CISSP and/or CCIE Security a plus

BHSI Offers:

• A competitive package and exciting growth opportunities for career-oriented teammates
• A dynamic, action oriented, and thoughtful environment centered on always doing the right thing for our customers, teammates and our other stakeholders
• A purposely non-bureaucratic organization that embraces simplicity over complexity and emphasizes individual excellence in a team framework

NOTE: Compensation will be commensurate with experience. This job description is not intended to be all-inclusive. Team Member may perform other related duties as negotiated to meet the ongoing needs of the organization