Principal Cyber Security Architect

About The Position

Requirements

• Bachelor's Degree and 10 years of experience in Information Technology including Information Security OR High School Diploma or GED and 14 years of experience in Information Technology including Information Security
• Possesses at least one of the following security certifications: CISSP, GIAC, CISM, or OSCP

Nice To Haves

• Knowledge of Forensics, Security Operations, Incident Response, Research/Threat Detection, Malware Analysis, Assessments and Penetration testing, or Secure Software Development
• Proven consulting and relationship management skills as well as the ability to leverage key working relationships with business units, vendors, and IT staff
• Familiarity with one or more standard security related frameworks (NIST-Cyber, CoBIT, ISO, etc.)
• Knowledge of security principles and their application in an enterprise IT environment
• Knowledge of various platform technologies including internet, network, distributed systems, desktop computing, voice, and threat management technologies
• Experienced with enterprise security controls including malware, protection, firewalls, intrusion detection systems, content filtering, internet proxies, encryption controls, and log management solutions
• Knowledge of tiered application architectures, web front-ends/server-side apps, application, and relational databases
• Experience with APIs: REST, SOAP, SOA and other integrations
• Experience with secure application development, application security risk mitigation techniques
• Understanding of application security and industry standards such as OWASP top ten and SANS top 20
• Understanding of SDLC and Secure Development Lifecycle
• Use of security tools and industry best practices.
• Knowledge of network security controls and technologies such as firewalls, intrusion detection/prevention systems, monitoring (SIEM), data loss prevention, authentication/authorization, and database security

Responsibilities

• Business Enablement - Owns engagement between executive technology leadership and the information security architecture function. Accelerates technology development and deployment by embedding in customer organizations to drive security awareness, prioritization and solutions. Engages with other architects within the information security organization to bring the right skillsets and experience to bear on issues impacting the firm's strategic roadmap.
• Security Strategy - Assists in designing and implementing security strategies to shape the Bank's overall technical vision. Facilitates the development and evolution of the architecture and enterprise governance processes. Defines security baselines and standards to include technical configuration standards. Supports the implementation of security controls, guidelines, recommendations, and best practices. Aligns assigned projects with information security strategic and architectural objectives.
• Security Architecture - Assists with the development, enhancement, and documentation of Information Technology (IT) security architecture. Resolves complex or escalated issues, and is responsible for technical activities at the highest level of ability. Drives significant projects and initiatives to ensure security objectives are achieved. Facilitates ongoing risk mitigation efforts.
• Awareness - Maintains a strong knowledge of emerging risks and trends. Assists the IT Risk and Compliance team in developing education and awareness program materials. Participates in industry and professional organizations to retain current knowledge and business relationships.

Benefits

• Benefits are an integral part of total rewards and First Citizens Bank is committed to providing a competitive, thoughtfully designed and quality benefits program to meet the needs of our associates. More information can be found at https://jobs.firstcitizens.com/benefits.