Apply on Employer Site

U.S. Financial Technology · 2 days ago

Senior Director of Cyber Security Architecture and Engineering Services

United States

Full-time

Remote

Lead/Staff, Director/Executive

$205K/yr - $236K/yr

12+ years exp

U.S. Financial Technology is seeking an experienced Senior Director of Cybersecurity Architecture and Engineering Services to join their team. This role will lead the design of cybersecurity architecture and engineering to ensure compliance with cybersecurity policies and improve operational efficiencies within the organization's cloud-based cybersecurity tools ecosystem.

Financial ServicesInformation TechnologySecurity

Comp. & Benefits

No H1B

Responsibilities

Partner with leaders across the business to identify opportunities and risks and develop solutions that support U.S. FinTech, a SaaS company serving as the critical backbone of the US mortgage finance industry

Refine, design, and implement company-wide cyber security architecture and engineering in partnership with 2nd and 3rd lines of defense

Develop cyber security patterns to enable developers to design and build applications with appropriate security controls

Manage external assessment activities and synthesize information into senior level presentations

Serves as a subject matter expert to internal business, technology, and security teams. Proactively advises on a range of cyber risk management activities and information security industry best practices

Acts as an ambassador and senior technical advisor for enterprise cyber security while engaging with other senior technical leaders throughout the organization

Develop and refine standards in partnership with Engineering, Infrastructure, Application Development, Data

Maintain vigilance about current threat vectors and expertise of the ecosystem of cloud security-related tools. Prototype new security tools and technologies based on organizational strategy and evolving threats while looking for opportunities to optimize, consolidate and manage out tools that no longer meet company needs

Engage in ongoing communication with peers in the Infrastructure and Application Support groups as well as the business group to ensure understanding of security goals, to solicit feedback and foster cooperation

Oversee deployment, integration, and initial configuration of all new cyber security solutions and enhancements to existing information security solutions in accordance with Information security policies, standards, and operational procedures

Lead initiatives designed to share knowledge across cyber security, technology, and business teams. Identifies, recommends, coordinates, and delivers timely knowledge to support teams regarding technologies, processes, or tools

Create and maintain a set of metrics to document and measure the performance and effectiveness of the Information Security program; responsible for communicating metrics to IT Leadership Team

Qualification

Cyber Security ArchitectureCyber Security EngineeringZero TrustDevSecOpsAWSRisk Management FrameworksCloud Security ToolsMicrosoft Office SuiteAnalytical SkillsCommunication SkillsTeam Collaboration

Required

Bachelor's degree or higher in related discipline

Industry Certification required, e.g. CISSP, CISA, CISM or equivalent designation

A Minimum of 12 years of experience building and leading global cybersecurity programs

A minimum of 5 of years leading Security Architecture and Engineering Teams

Applicants must be authorized to work in the US without requiring employer sponsorship currently or in the future

Strong working knowledge of Cyber Security Architectural and Engineering principles supporting Cyber Defense, Compliance, Perimeter Security, Data Protection, Application Security, Operating System Security, Virtual Infrastructure, Storage Protection

Working knowledge of physical security

Experience adopting Zero Trust

Strong working knowledge of DevSecOps

Strong working knowledge of AWS and tools to support the Cloud

Strong working knowledge of Private Cloud, Public Cloud, and/or Hybrid Cloud

Self-starter; adaptable to change; motivated to set personal and program goals and proactively track performance against goals

Experience working with Risk, Security or Audit frameworks (i.e., COBIT, COSO, ISO 27001/2, NIST 800-53, NIST CSF, AICPA, BITS)

Serve as subject matter expert for InfoSec and IT Security related topics with experience in technical control testing aligned to NIST 800-53, FISMA, and SOC

Possesses strong analytical skills capable of identifying, evaluating and mitigating significant risks within an enterprise

Strong working experience with Microsoft Office Suite and GRC tools

Ability to document and explain risks and vulnerabilities to both business and technical stakeholders

Ability to influence peers and management; ability to team cross-functionally and form relationships to achieve objectives

Strong oral and written communication skills and ability to work well with others and in a collaborative, complex and fast paced environment