What you'll do:

• Establish a strategic security architecture vision, including standards and frameworks that are aligned with the overall business and IT strategies

• Act as information security subject matter expert; provides advisory and consulting services to business, IT departments, and IS management

• Work closely with Enterprise Architecture and Application Development to enhance the security posture of new and existing systems

• Work to design security architecture, evaluate risk posed to the organization from, and ultimately approve the implementation of systems and applications into the environment

• Assess the state of the information security program using the NIST Cybersecurity Framework and the FFIEC Cyber Assessment Tool to identify gaps and works with appropriate stakeholders to remediate deficiencies

• Participate in the development of information security strategies, roadmaps, policies, and standards

• Ensure systems and applications are implemented with compensating controls to meet regulatory requirements (GLBA, SOX, HIPAA, FFIEC, etc.) as well as other organizational compliance (PCI) requirements

• Track metrics for compliance to IS standards by application and system owners

• Develop and mentor team members

Skilles needed for success:

• Bachelor's degree in Computer Science or related degree, preferred

• Eight (8) years experience in Information Security with a focus on software development, secure SDLC, or security architecture

• Evaluate risk versus reward and apply in a meaningful manner to the benefit of the organization

• Translate complex technical information across all levels of the organization

• Ability to use independent judgment to make sound, justifiable decisions and takes action to solve problems

• Work effectively with a team as well as independently without daily direction

• Manage and prioritize multiple tasks in an effective manner

• Excellent customer service skills and problem resolution

• Excellent written and verbal communication skills including developing and providing effective professional presentations to various audience types including senior management and leadership

• Expert level knowledge of security principles

• In depth knowledge of security solutions, tools, methodologies, and techniques

• Strong project management skills

• Thorough understanding of risks associated with virtualization and cloud-based computing and the impact of those technologies on an organizations security posture

• Excellent customer service skills and problem resolution