Job responsibilities
- Develop tooling to continuously monitor controls including a sampling engine and tools that support a controls compliance engine
- Engages technical teams and business stakeholders to discuss and propose technical approaches to meet current and future cybersecurity needs
- Defines the technical target state of their cybersecurity product and drives achievement of the strategy
- Identifies opportunities to eliminate or automate remediation of recurring issues to improve overall cybersecurity of software applications and systems
- Leads evaluation sessions with external vendors, startups, and internal teams to drive continuous improvement and assess cybersecurity design and technical credentials for use in existing systems and architecture
- Leads communities of practice to drive awareness and use of new and leading-edge cybersecurity technologies
- Adds to team culture of diversity, equity, inclusion, and respect
Required qualifications, capabilities, and skills
- Formal training or certification on software engineering concepts and 5+ years applied experience
- Hands-on practical experience delivering enterprise-level cybersecurity solutions and controls
- Advanced in one or more programming languages, ideally one or more of: *NIX Scripting, Python, SQL & GraphQL, Splunk, Grafana & OpenTelemetry
- Proficiency in automation and continuous delivery methods
- Proficiency in all aspects of the Software Development Life Cycle
- Advanced understanding of agile methodologies such as continuous integration and delivery, application resiliency, and security
- Demonstrated proficiency in software applications and technical processes within a technical discipline (e.g., public cloud, artificial intelligence, machine learning, mobile, etc.)
- In-depth knowledge of the financial services industry and their IT systems
- Practical cloud native experience
- Deep knowledge of one or more software and applications
- Ability to evaluate current and emerging technologies to recommend the best solutions for the future state architecture
- Experience effectively communicating with senior business leaders
Preferred qualifications, capabilities, and skills
- Knowledge of network security architecture concepts, including topology, protocols, components, and principles would be advantageous
- Prior experience in cybersecurity design / engineering would be advantageous
- Prior experience in disaster and/or cyber recovery planning and testing would be advantageous.
- Prior experience working with external auditors and regulators would be advantageous
- In depth knowledge of system and application vulnerabilities e.g. OWASP, NIST, SANS…
- Bachelor's degree in Computer Science, or a related field as well as accreditation in CISSP, CISM, CISA, CRISC, AWS would be a bonus