Job responsibilities
- Engages technical teams and business stakeholders to discuss and propose technical approaches to meet current and future cybersecurity needs.
- Identifies opportunities to eliminate or automate remediation of recurring issues to improve overall cybersecurity of software applications and systems.
- Leads security evaluation sessions with external vendors, startups, and internal teams to drive continuous improvement and assess cybersecurity design in existing systems and architecture.
- Leads communities of practice to drive awareness of different risks and threats in the space with a special focus on cryptographic controls and data protection.
- Leads thread modeling activities working with cross functional teams to drive secure implementations.
- Adds to team culture of diversity, equity, inclusion, and respect.
Required qualifications, capabilities, and skills
- Formal training or certification on Cybersecurity concepts and 5+ years applied experience.
- Hands-on practical experience delivering high quality threat models and knowledge of MITRE framework and kill chains.
- Cryptographic Security Controls (Key Management Systems) experience required
- Deep understanding of encryption at Rest, in Transit, and in Use
- Understanding HSM and Key Management and HSM systems and requirements
- Experience with Payment HSMs and PCI
- Familiarity with recent Data Protection and Encryption trends
Preferred qualifications, capabilities, and skills
- In-depth knowledge of the financial services industry and their IT systems
- Ability to evaluate current and emerging technologies to recommend the best solutions for the future state architecture.
- Experience effectively communicating with senior business leaders.
- Public cloud expertise