Job Title: Information Security Architect
Duration: 1 year
Security Architecture is essential to “shifting left” the technology development. Reviewing Banking industry standards and Bank policy ensures products arrive at production with security built in. The architect with lead technical conversations to determine scope of controls by evaluating standards and policies and write requirements with threat modeling in mind to assist engineers with building securely. The architect will meet with stakeholders and determine criticality of controls and work with application owners to create automations to validate compliance.
Collaborates with technical and business stakeholders to address Information Security risks while achieving business objectives, meeting regulatory requirements, and addressing emerging threats. Responsible for providing expertise and support on decisions and priorities regarding the enterprise’s overall Information Security strategy and posture.
Responsible and accountable for risk by openly exchanging ideas and opinions, elevating concerns, and personally following policies and procedures as defined. Accountable for always doing the right thing for customers and colleagues and ensures that actions and behaviors drive a positive customer experience. While operating within the Bank’s risk appetite, achieves results by consistently identifying, assessing, managing, monitoring, and reporting risks of all types.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
- Provides expert technical insight and industry perspective in the creation, delivery, and integration of complex and comprehensive security solutions.
- Acts as an internal consultant, advocate, mentor, and change agent. Viewed as an Information Security expert and critical technical resources across multiple technical areas and business segments.
- Partners with other groups to ensure solid, cross-functional decisions are made as a team.
- Maintains and demonstrates a strong understanding of enterprise systems, policies, standards, regulatory requirements, and business drivers.
- Represents Information Security at enterprise review meetings (ITAC, NPI Reviews, Production Readiness, etc.).
- Adheres to and promotes compliance with Information Security policies, standards, and best practices.
- Leads process improvement and risk mitigation initiatives.
- Coaches and mentor’s more junior staff.
MINIMUM KNOWLEDGE, SKILLS AND ABILITIES REQUIRED:
- Bachelor’s degree in related discipline with 5 or more years of experience.
- Five or more years of interdisciplinary experience in 4 or more of the following: Access Control Systems, Application Security, Application SDLC, Operating Systems, Cryptographic Controls, Physical Security, Networking, or Policy and Standard development.
- Ability to manage multiple, diverse tasks simultaneously and effectively prioritize work; strong organizational skills in a results-oriented environment.
- Excellent communications skills as well as the ability to build effective relationships with business leaders and stakeholders.
- Strong collaboration, communication, problem solving, conceptual and analytical skills.
- Able to work at a high level of autonomy in a dynamic environment.