Security Engineer

The Security Engineer will join Brunswick's Information Security team and play a key role in supporting the firm's secure adoption of AI and emerging technologies. This role will act as a dedicated security professional supporting requests and initiatives originating from the firm's AI team, providing security review, architecture input, and risk-based guidance across third-party AI tools, enterprise platforms, AI-enabled applications, and internally developed solutions. Working closely with the AI team, ICT, application owners, and business stakeholders, the Security Engineer will help ensure new technologies are protected through appropriate security controls and guardrails throughout the development and delivery lifecycle.

In this role, you will provide technical security expertise across AI-related requests, third-party AI tools, internally developed applications, workflows, enterprise features, and emerging agent-based use cases. Key responsibilities include:

• Review and assess third-party AI tools, enterprise AI platforms, and new AI-enabled features, including solutions such as ChatGPT, Claude, Microsoft Copilot, and other emerging technologies.
• Review and assess requests relating to AI-enabled solutions, enterprise AI platforms, new features, integrations, and internally developed applications.
• Provide security architecture guidance for applications and solutions developed or introduced by the AI team.
• Support the implementation of security guardrails, governance processes, and secure design patterns for AI adoption across the firm.
• Conduct STRIDE-based threat modelling for new internally developed solutions, AI-enabled workflows, integrations, and automation use cases.
• Assess risks associated with AI use cases, including data exposure, prompt injection, model misuse, third-party dependency risk, inappropriate access to sensitive information, and insecure integrations.
• Advise on secure design principles, including identity and access management, data protection, logging, monitoring, encryption, resilience, and secure configuration.
• Define and document security requirements, architecture decisions, design recommendations, and risk-based remediation actions.
• Monitor emerging AI security risks, attacker techniques, and industry best practices, ensuring relevant mitigations are considered within Brunswick's environment.

We're looking for an experienced, technically capable security professional who can combine strong security engineering expertise with practical judgement and clear communication. The ideal candidate will demonstrate:

• 5-7 years' experience in cyber security, information security, security engineering, or a related technical security role.
• Proven experience providing security guidance across technology projects, enterprise platforms, AI-related initiatives, third-party tools, cloud-based solutions, or internally developed applications.
• Strong understanding of security architecture and secure design principles, including identity and access management, data protection, logging, monitoring, encryption, network security, and resilience.
• Familiarity with AI-related technologies, enterprise AI platforms, large language models, agentic AI, and the security risks associated with AI adoption.
• Experience conducting STRIDE-based threat modelling, technical risk assessments, or security design reviews.
• Practical understanding of cloud and enterprise environments, particularly Microsoft 365, Azure, SaaS platforms, and modern workplace technologies.
• Ability to translate technical security risks into clear, business-focused recommendations.
• Strong written and verbal communication skills, with confidence engaging technical and non-technical stakeholders.
• Understanding of security risks associated with third-party AI tools, internally developed AI applications, integrations, automation, and agent-based use cases.
• Sound judgement, attention to detail, and the ability to balance security requirements with business needs.
• Experience working in an ISO27001-aligned or regulated environment would be beneficial.

Preferred, but not essential, certifications:

• ISC2: CISSP, CCSP, SSCP
• ISACA: CISM, CISA, CRISC
• CompTIA: Security+, CySA+, CASP+

Whether you are joining a client-facing team, a core services team, or starting out on your professional career journey, joining Brunswick unlocks a range of employee benefits to support your financial future, health and wellness, family and community and continuous professional development. Brunswick is an equal opportunity employer. All qualified applicants will be considered without regard to race, religion, color, national origin, gender, sexual orientation, age, disability, pregnancy, genetic information, or any other status protected by applicable law.