Senior Engineer, Security Risk

We are currently looking for a Senior Engineer, Security Risk to join our growing team! In order for you to be successful in this role, you will need to be a highly experienced technical cybersecurity professional. You will be  responsible for identifying, assessing, and mitigating security risks across all Brightspeed systems, applications, networks, and infrastructure, often by designing and implementing robust security controls, conducting risk assessments, and providing expert guidance to other teams to minimize potential threats and ensure compliance with security standards. In this role, the candidate must have a deep understanding of security architecture, threat landscapes, and industry best practices to lead security initiatives. As Senior Engineer, Security Risk, your duties and responsibilities will include:Lead security initiatives to improve and mature the security posture and compliance across all business unitsOwn the logical and analytical process of identifying risk, assessing risk, and taking steps to reduce risk to an acceptable levelPerform comprehensive risk assessments to identify vulnerabilities and potential threats across the organization's systems, applications, and networksReview system designs, application architectures, and code to identify security weaknesses and provide recommendations for improvementCollaborate with application development teams and review code for security issues, ensure the secure coding standards and best practices. Utilize static and dynamic analysis tools to assess the security posture of software codeCreate detailed threat models to understand potential attack vectors and prioritize security controls based on risk levelsDesign and implement security architectures to protect sensitive data, including access controls, encryption, and data protection mechanismsIdentify critical vulnerabilities, and prioritizing remediation efforts and drive SLA Prepare and present risk assessment reports, security metrics, and executive summaries to stakeholders, including management, technical teams, and business units. Communicate complex security risks in a clear and concise mannerCreate and maintain security policies and procedures aligned with industry best practices and regulatory requirementsEnsure adherence to relevant security regulations, industry standards, internal policies and standards, and data privacy lawsEducate employees on security best practices and awareness of potential threatsGuide and mentor security engineers and architects on security principles and practicesCollaborate with internal stakeholders, including executive leadership, legal, compliance, IT, and Network teams, to ensure security risk management and governance strategies are integrated into business operations