Cyber Security Architect/Consultant

Business Initiative/Purpose: (Goal, Business Impact, Accomplishments from the work)

• This CW will help lead the NYDFS project from an Cyber Architecture perspective. There are a number of Security Blueprints that are required in order to ensure compliance for all in-scope applications aligned to NYDFS second amendment regs.

Bachelor Degree: (Required, Preferred or Not Required)

• Bachelor s Degree Required.

Role Responsibilities: (what they will be doing) Duties include:

• Architecting effective and efficient fit for purpose solutions that meet the Bank s needs and requirements - includes creation of Cybersecurity Blueprints that will present detailed views of application interaction/integrations between both on prem and cloud based applications.
• Applies in-depth and specialized expertise in Identity and Access Management and significant breadth of experience across cyber / information security.
• May be called upon to contributed to scope and business cases.
• Participates in the gathering and development of requirements by coaching stakeholders and decomposing business requirements into technical and system requirements.
• Interrupt requirements to determine the best solutions and approaches.
• Creates architectures and operational documentation with support of engineering and operations staff.
• Participate in the overall Identity ecosystem convergence activities for Truist from the heritage Banks.
• Advise, consult, lead, guide and mentor project teams, engineers, analysts, and support staff in the delivery of solutions.
• Participate in the agile planning processes and delivery methodologies.
• Build relationships with internal clients.
• Conducts threat modeling and security gap assessment exercises in concert with other teams.
• Create reusable patterns for reoccurring cyber challenges.
• Contributes to the creation of policy, standards, Minimum Security Baselines (MSBs), procedures and guidelines.
• Bring visibility to and escalates security risks, as well as, technical, execution, deployment or other risks as applicable.
• Lead Proof of Concept/Value Exit Read outs by communicating results and recommendations to stakeholders.
• Conducts post-mortem reviews of projects / products to measure design versus implementation differentials.
• Contribute to the Truist Cyber Architecture Practice by supporting Cyber Enterprise Architecture objectives.

Must Have Skills/Prior Experiences: (Vendor should not submit any candidate that does not have these skills/prior experience.)

• The candidate must be a highly experienced subject matter expert role with either deep specialization or comprehensive knowledge within a discipline which crosses multiple areas of specialization relative to Data Protection, IT Risk, Network Security, Application Security, Security Operations, and Identity and Access Management. We need someone with deep knowledge/experience with securing complex AWS architectures.
• Understanding of Security foundations and Standards such as hardening, least privilege, attack surface reduction, NIST SP800-series, NIST Cybersecurity Framework, FIPS 140-2, Common Criteria, FISMA/FedRAMP, ISO 27000, PCI-DSS, CIS Benchmarks, and similar.
• Applies in-depth and specialized expertise and/or a significant breadth of expertise in own professional discipline and other related disciplines. Interprets internal/external business challenges and recommends best practices to improve products, processes, or services.
• Mentors less experienced teammates to build their own technical expertise. Impacts the achievement of client, operational, project, service, and risk management objectives.
• Works independently, with guidance in only the most complex and unusual situations.
• Experience with Agile Scrum (Daily Standup, Sprint Planning and Sprint Retrospective meetings).

Specific solution expertise is desired in the following areas:

• Digital Commerce, Digital Banking and Financial Systems architecture.
• Large data management architecture and integrations.
• Attack protection and mitigation technologies DDoS, WAF, Bot, etc.
• AWS Cloud - application migration, fit for purpose, etc.
• Multifactor authentication, Risk Based Authentication.
• Application authentication models.
• Application Security OWASP control and evaluation criteria.
• Intelligent Robotic Process Automation.
• Cryptographic technology Transit encryption, storage encryption, Hash, KMS, Digital Signature, etc.
• Federated Identity Management / Identity Providers / Single Sign On (SSO).
• Client authentication approaches for anti-bot technologies, signaling, and fraud prevention.

PlNice to Have Skills/Prior Experiences:(Hiring Manager DOES NOT require these skills/ prior experience. However candidates with any of these will be looked at first.)

• Certification: CISSP-ISSAP, AWS, AZURE, SANS or TOGAF certifications
• Experience with Agile Scrum (Daily Standup, Sprint Planning and Sprint Retrospective meetings)
• Mergers and acquisitions experience.
• Consulting or professional services backgrounds are a plus.
• Financial services industry experience is a major plus.
• Master s degree in: Computer Science, Information Systems, Security, or other closely related field.

EEO Mindlance is an Equal Opportunity Employer and does not discriminate in employment on the basis of Minority/Gender/Disability/Religion/LGBTQI/Age/Veterans.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.