Senior Director of Cyber Security Architecture and Engineering Services
United States of America
Full Time
3 weeks ago
$205,000 - $236,000 USD
No H1B
Key skills
Cyber Security ArchitectureCyber Security EngineeringZero TrustDevSecOpsAWSRisk Management FrameworksCloud Security ToolsMicrosoft Office SuiteAnalytical SkillsCommunication SkillsTeam CollaborationSaaSLeadershipRisk ManagementCommunicationCloud Security
About this role
U.S. Financial Technology (U.S. FinTech) is seeking an experienced Senior Director of Cybersecurity Architecture and Engineering Services to join their team. This role involves leading the design of cybersecurity architecture and engineering, ensuring compliance with cybersecurity policies, and improving operational efficiencies within the company's cloud-based cybersecurity tools ecosystem.
Responsibilities:
- Partner with leaders across the business to identify opportunities and risks and develop solutions that support U.S. FinTech, a SaaS company serving as the critical backbone of the US mortgage finance industry
- Refine, design, and implement company-wide cyber security architecture and engineering in partnership with 2nd and 3rd lines of defense
- Develop cyber security patterns to enable developers to design and build applications with appropriate security controls
- Manage external assessment activities and synthesize information into senior level presentations
- Serves as a subject matter expert to internal business, technology, and security teams. Proactively advises on a range of cyber risk management activities and information security industry best practices
- Acts as an ambassador and senior technical advisor for enterprise cyber security while engaging with other senior technical leaders throughout the organization
- Develop and refine standards in partnership with Engineering, Infrastructure, Application Development, Data
- Maintain vigilance about current threat vectors and expertise of the ecosystem of cloud security-related tools. Prototype new security tools and technologies based on organizational strategy and evolving threats while looking for opportunities to optimize, consolidate and manage out tools that no longer meet company needs
- Engage in ongoing communication with peers in the Infrastructure and Application Support groups as well as the business group to ensure understanding of security goals, to solicit feedback and foster cooperation
- Oversee deployment, integration, and initial configuration of all new cyber security solutions and enhancements to existing information security solutions in accordance with Information security policies, standards, and operational procedures
- Lead initiatives designed to share knowledge across cyber security, technology, and business teams. Identifies, recommends, coordinates, and delivers timely knowledge to support teams regarding technologies, processes, or tools
- Create and maintain a set of metrics to document and measure the performance and effectiveness of the Information Security program; responsible for communicating metrics to IT Leadership Team
Requirements:
- Bachelor's degree or higher in related discipline
- Industry Certification required, e.g. CISSP, CISA, CISM or equivalent designation
- A Minimum of 12 years of experience building and leading global cybersecurity programs
- A minimum of 5 of years leading Security Architecture and Engineering Teams
- Applicants must be authorized to work in the US without requiring employer sponsorship currently or in the future
- Strong working knowledge of Cyber Security Architectural and Engineering principles supporting Cyber Defense, Compliance, Perimeter Security, Data Protection, Application Security, Operating System Security, Virtual Infrastructure, Storage Protection
- Working knowledge of physical security
- Experience adopting Zero Trust
- Strong working knowledge of DevSecOps
- Strong working knowledge of AWS and tools to support the Cloud
- Strong working knowledge of Private Cloud, Public Cloud, and/or Hybrid Cloud
- Self-starter; adaptable to change; motivated to set personal and program goals and proactively track performance against goals
- Experience working with Risk, Security or Audit frameworks (i.e., COBIT, COSO, ISO 27001/2, NIST 800-53, NIST CSF, AICPA, BITS)
- Serve as subject matter expert for InfoSec and IT Security related topics with experience in technical control testing aligned to NIST 800-53, FISMA, and SOC
- Possesses strong analytical skills capable of identifying, evaluating and mitigating significant risks within an enterprise
- Demonstrated experience using and managing Risk Management tools is desired
- Strong working experience with Microsoft Office Suite and GRC tools
- Ability to document and explain risks and vulnerabilities to both business and technical stakeholders
- Ability to influence peers and management; ability to team cross-functionally and form relationships to achieve objectives
- Strong oral and written communication skills and ability to work well with others and in a collaborative, complex and fast paced environment
- Secondary mortgage market or equivalent financial services experience is an advantage