MUST HAVE- Skills / Prior Experience
- The candidate must be a highly experienced subject matter expert role with either deep specialization or comprehensive knowledge within a discipline which crosses multiple areas of specialization relative to Data Protection, IT Risk, Network Security, Vulnerability Management, Application Security, Security Operations, Endpoint Security, and Identity and Access Management.
- Understanding of Security foundations and Standards such as hardening, least privilege, attack surface reduction, NIST SP800-series, NIST Cybersecurity Framework, FIPS 140-2, Common Criteria, FISMA/FedRAMP, ISO 27000, PCI-DSS, CIS Benchmarks, and similar.
- Applies in-depth and specialized expertise and/or a significant breadth of expertise in own professional discipline and other related disciplines.
- Interprets internal/external business challenges and recommends best practices to improve products, processes, or services.Applies a comprehensive understanding of how the organization operates to solve technical, operational, and business problems.
- Uses sophisticated analytical thought to exercise judgment and identify innovative solutions.
- Leads teams or projects with moderate resource requirements, risk, and complexity.Works independently, with guidance in only the most complex and unusual situations.
- Comprehensive experience in secure design principles, defense-in-depth, design tools, methods and techniques.
- security architecture, including design tools, methods, and techniques and the application of Defense-in-Depth principles; knowledge of network design processes, including understanding of security objectives.
- 10 year of information / cyber security experience with significant focus on security architecture, design, engineering and delivery.Expertise and experience developing and deploying solutions for one or more of the following domains:Security Operations (detection, response, and automation)Network Security (north / south and east / west, DDoS, Antibot)Application Security and Web Application FirewallsEndpoint Security (EDR, application control, encryption, etc)Vulnerability Management (application, code, and/or network based)Data Protection (structured and unstructured, PKI / KMS / Secrets Management)Identity and Access Management (B2B, B2C, B2E) – Privileged Access Management, Directories, IDP solutions, etcCertifications: CISSP and CISSP-ISSAP preferred.
PLUS/NICE TO HAVE - Skills/Prior Experience
- Experience with Agile Scrum (Daily Standup, Sprint Planning and Sprint Retrospective meetings)
- Candidate with mergers and acquisitions experience.
- Candidates with consulting or professional services backgrounds are a plus.
- Financial services industry experience is a major plus.
- Certifications: AWS, SANS or TOGAF certifications
- Masters degree in: Computer Science, Information Systems, Security, or other closely related field.
Day to Day:
- Creating security solution artifacts Designing converged ecosystems (e.g. taking two systems and merging them into one)
- Advising project teams and cyber domains regarding best practices for integration, risk reduction, automation, etc.
- May be called upon to contributed to scope and business cases
- Participates in the gathering and development of requirements by coaching stakeholders and decomposing business requirements into technical and system requirements
- Design effective and efficient solutions to meet the business requirements
Conducts threat modeling and security gap assessment exercises in concert with other teams
- Create reusable patterns for reoccurring cyber challenges
- Contributes to the creation of policy, standards, Minimum Security Baselines (MSBs), procedures and guidelines
- Brings visibility to and escalates security risks, as well as, technical, execution, deployment or other risks as applicable
- Leads Proof of Concept/Value Exit Read outs by communicating results and recommendations to stakeholders
- Conducts post-mortem reviews of projects / products to measure design versus implementation differentials
- Contribute to the Truist Cyber Architecture Practice by supporting Cyber Enterprise Architecture objectives
security , architect, cyber, Data Protection, Vulnerability Management, Application Security, Endpoint Security, Identity and Access Management, IAM, NIST, FIPS OR FISMA OR ISO OR PCI OR CIS