Truist Information Security Officer 

United States, North Carolina, Charlotte 

890672042

Regular or Temporary:

English (Required)

1st shift (United States of America)

Essential Duties and Responsibilities:Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.

• Serves as a cyber security Subject Matter Expert (SME), coordinating, and providing multi-disciplinary knowledge, skills, and experience in security architecture and security management roles and responsibilities. Manage the security processes and effectively ensure guidance in accordance with standards and policies.

• Point of contact for business partners and delivery teams requiring advice and guidance on cyber security related topics. Manages and responds to cyber security related requests from across the business in coordination with the BISM.

• Provides consulting services on current and upcoming projects covering all levels of security requirements.

• Creates and improves business processes in coordination with the BISM and business stakeholders.

• In partnership with the BISM, advises business and delivery management on risk issues related to information security and recommends actions in support of the bank’s wider risk management and compliance programs.

• Monitors information security trends, policies and applicable regulations and keeps the business and delivery teams informed about information security related issues. Ensures compliance with relevant industry standards, regulations, and legal requirements.

• Collaborates with risk partners on info security priorities. Assists Delivery teams and business unit with the development of remediation plans for system security threats and risk.

• Tracks and monitors security performance indicators and core metrics to measure and improve security posture.

• Collaborate with security domains, peers, delivery, risk, and other stakeholders to share best practices, security goals and objectives, and manage expectations.

Required Qualifications:

The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Ability to build strong partner relationships with peer technology groups and supported business unit.

• Exceptional executive presentation and communication skills.

• Strong leadership skills, self-starter

• Team management, stakeholder management, communication, and interpersonal skills. Ability to analyze complex security issues and provide timely and effective solutions.

• Familiarity with core concepts of network security, security architecture, security operation, vulnerability management, cloud security, application security, security awareness program, and threat intelligence.

• Strong knowledge of cyber security and privacy principles frameworks, and best practices (eg NIST, SWIFT, SOX, GLBA, PCI DSS)

• Team management, stakeholder management, communication, and interpersonal skills. Ability to analyze complex security issues and provide timely and effective solutions.

• Ability to comprehend and communicate the technical concepts related to cybersecurity to individuals having varying degrees of technical understanding. Strong planning and project management skills and willingness to follow up on tasks and act effectively in cross functional situations.

• Experience evaluating cyber security controls and providing guidance for computing platforms.

• Possess strong/experienced application development and/or application security background, with solid knowledge of SDLC from design, testing, deployment to post-production and the risk elements associated with each step.

• Bachelor’s degree and six to eight years of experience in systems engineering or administration or an equivalent combination of education and work experience.

Preferred Qualifications:

• Familiarity with payments related (wire transfer, ACH, faster payments) banking regulations as well as industry guidelines such as SWIFT, FedLine and ISO20022.

• Master’s degree or MBA and ten years of experience or an equivalent combination of education and work experience

• CISSP Certification Banking or financial services experience

• Other security certifications (e.g. CCNA Security, GSEC, GCED, GPPA, etc.)

• Other technical Certifications (e.g. CCNA, RHCE, MCSE, etc.)