Brown-Forman Security Engineer in Louisville, Kentucky

Job Description:

Scope :

Security Engineer is responsible for providing technical assistance with the design, installation, operation, service and maintenance of a variety of multi-user information security systems. This role will also be responsible for initiating action in response to attempted intrusions, conducting vulnerability scans and ensuring that responsible areas respond appropriately to findings to safeguard the confidentiality, integrity, and availability of Brown-Forman’s information assets.


Assist in the preparation and monitoring of system security alerts that warn systems administrators of potential viruses, intrusions, or other systems security threats to support the organization’s security framework

  • Continually perform risk assessments to determine security vulnerabilities

  • Maintaining and monitoring enterprise level antivirus, encryption, corporate network security and certificate infrastructures

  • Develop scripts necessary to automate manual security daily tasks, including both on-premise and cloud-based apps

  • Assist internal audit and external regulators with compliance review and investigations

  • Assist with preparing reports and presentations for management including security findings, recommendations, penetration, and vulnerability analysis of various security technologie

  • Provide 2nd level day-to-day security support and problem resolution for security infrastructure

  • Monitor, log and report global security risks/trends to management as required

  • Maintain required access permission audit trails and related documentation

  • Perform network traffic analysis, audit log analysis and forensics, using security-monitoring tools

  • Design and implement upgrades to existing Security Infrastructure - Architect designs, Eng implements

  • Utilize many different incident response and ticketing systems

  • Provide on-call security support during non-business hours

  • Perform cross training and knowledge transfer to other team members

  • Promote security awareness throughout all levels of organizations

  • Execute defined Enterprise System strategies to support corporate initiatives

Must Experience :

  • Bachelor’s Degree in a related field plus three years applicable experience; or an Associate’s Degree with five years applicable experience; or eight years combined related education/experience

  • Expert knowledge of three or more security areas: application security, local and wide area networks, wireless networking, remote access solutions, Internet Firewalls, IDS/IPS, email systems, portals, virus protection, databases, Identity Management, mobile security, cloud security, security and privacy best practices

  • Proven ability to work with users of all management levels

  • Experience with developing policies, standards and procedures

  • Ability to communicate technical information to both technical and non-technical audiences

  • Developing and understanding hardware and software security systems

  • Technical experience working in large-scale multi-protocol network environment with Internet connectivity, and wireless networks

  • Knowledge of security hardening for Operating Systems, including UNIX, Linux, Solaris, Microsoft Server

  • Knowledge of security risks and security measures, tools and procedures (network component configurations, security monitoring, network security administration, network security policy development, telecommunications

  • Expertise of scripting in various disciplines

Preferred Experience :

  • Advanced Degree in a related field

  • Advanced training and experience in information security

  • Knowledge around Intrusion Detection and Virus and Incident Response in a large environment

  • Understanding of all security issues including Threat Management, Penetration Testing, and Risk Management

  • ERP and Application role-based security and architecture

  • Familiar with current privacy laws and regulations globally

  • Experience with Identity Management and Single Sign-On implementations and designs

  • Other application platforms to include cloud-based applications, Google Apps, Salesforce, Okta, Workday, ADP, Kronos, Successfactor, ASP models, Cloud technologies

  • Possesses one of the following security certifications: CISSP, CISA, CISM, CIPP/IT, CEH, GIAC

Skills: Network Security, IDS, IPS, Security Assessments, Antivirus, SSO, Windows OS, Unix Shell & Windows Scripting, Active Directory, Software Design, Web Servers, Database Management, Risk Assessment, Risk Mitigation, Vulnerability Assessments, Java, SOX, PCI, TTB, SAS70, SSAE16, Incident Response, Privacy Laws, Breach Notification, Cyber Security, Aptitude for learning/monitoring/implementing emerging technologies

#PB 1



About Brown-Forman:



For more than 145 years, Brown-Forman Corporation has enriched the experience of life by responsibly building fine quality beverage alcohol brands, including Jack Daniel’s Tennessee Whiskey, Jack Daniel’s & Cola, Jack Daniel’s Tennessee Honey, Jack Daniel’s Tennessee Fire, Gentleman Jack, Jack Daniel’s Single Barrel, Finlandia, Korbel, el Jimador, Woodford Reserve, Old Forester, Canadian Mist, Herradura, New Mix, Sonoma-Cutrer, Early Times, Chambord, BenRiach and GlenDronach. Brown-Forman’s brands are supported by nearly 4,600 employees and sold in approximately 160 countries worldwide

For more information about the company, please visit

We're on Twitter:

See us on LinkedIn:

Brown-Forman Corporation is committed to equality of opportunity in all aspects of employment. It is the policy of Brown-Forman Corporation to provide full and equal employment opportunities to all employees and potential employees without regard to race, color, religion, national or ethnic origin, veteran status, age, gender, gender identity or expression, sexual orientation, genetic information, physical or mental disability or any other legally protected status.

Business Area: Corporate

City: Louisville

State: KY

Country: United States

Req Type: Exempt

AutoReqId: 4494BR