Cybersecurity Senior Manager

at  Truist Bank

THE POSITION IS DESCRIBED BELOW. IF YOU WANT TO APPLY, CLICK THE APPLY NOW BUTTON AT THE TOP OR BOTTOM OF THIS PAGE. AFTER YOU CLICK APPLY NOW AND COMPLETE YOUR APPLICATION, YOU’LL BE INVITED TO CREATE A PROFILE, WHICH WILL LET YOU SEE YOUR APPLICATION STATUS AND ANY COMMUNICATIONS. IF YOU ALREADY HAVE A PROFILE WITH US, YOU CAN LOG IN TO CHECK STATUS.

Need Help?
If you have a disability and need assistance with the application, you can request a reasonable accommodation. Send an email to Accessibility (accommodation requests only; other inquiries won’t receive a response).

PLEASE REVIEW THE FOLLOWING JOB DESCRIPTION:

The Cyber Security manager will be primarily responsible for the management of the Security Configuration Management and Cloud Security Governance program execution. The Senior Manager’s purview will span across the Truist on-prem and cloud environments and will be responsible for day-to-day operations readiness and resiliency. This role works closely with stakeholders to understand gaps to identification, prioritization, and remediation of IT asset misconfigurations against the Truist Security Baseline Configuration standards to drive towards continuous improvement and gradual risk reduction. The role will require cross-organization partnerships to solve key issues impactful to the enterprise.

REQUIRED QUALIFICATIONS:

The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Bachelor’s degree and eight years of experience in systems engineering or administration or an equivalent combination of education and work experience.
• Deep specialized and/or broad functional knowledge in applied enterprise information security technologies including but not limited to firewalls, intrusion detection/prevention systems, network operating systems, identity management, database activity monitoring, encryption, content filtering, and Mainframe security.
• CISSP Certification.
• Previous experience in leading complex IT projects

PREFERRED QUALIFICATIONS:

• Master’s degree or MBA and ten years of experience or an equivalent combination of education and work experience.
• Banking or financial services experience.
• Experience in vulnerability and configuration management for cloud infrastructure, including Azure and AWS.
• 6+ years of experience in Vulnerability Management: This experience must have included the design and deployment of highly available vulnerability scanning solutions (including compliance scanning).
• Other security certifications (e.g. CCNA Security, GSEC, GCED, GPPA, etc.)
• Other technical Certifications (e.g. CCNA, RHCE, MCSE, etc.)

ESSENTIAL DUTIES AND RESPONSIBILITIES

Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.

• Develop and implement a Secure Configuration Management Program that utilizes a risk-based approach for SCM compliance and remediation for on-premise and cloud hosted IT assets
• Lead and manage a team responsible for operational duties; including ticket queue/triage for ad hoc scans, compliance reporting, escalating issues for visibility and remediation, and addressing questions related to secure baseline configuration remediation.
• Understand technology controls: testing of controls and supporting evidence that impact on-premise and cloud technology, understand operational risk to the Information Technology Services organization as well as related laws, regulations, and industry standards, specifically related to on-premise and cloud technology solutions.
• Lead efforts to develop and implement policies, standards, procedures, and controls to assure the confidentiality, integrity, and availability of the information technology environment for on-premise and cloud hosted IT assets, applications and infrastructure.
• Represent Information Technology related to internal and external assessments and/or audits of information technology systems and processes, interpret results, and develop and communication recommendations to management.
• Set the team’s direction and communicates individual and team priorities and deliverables for the team against expected results. Make leadership decisions within established policies, procedures, and established objectives.
• Stay abreast of industry trends, emerging threats, and new technologies to continually improve secure configuration management strategies.
• Analyze information to determine, recommend, and plan the use of new information security technologies, or modifications to existing equipment and systems that will provide capability for proposed project or work load, efficient operation and effective use of allotted resources.
• Use sophisticated analytical thought through models, testing, and experience to exercise judgment and identify innovative solutions.
• Leads complex and visible projects with moderate to high risk and complexity.

The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Bachelor’s degree and eight years of experience in systems engineering or administration or an equivalent combination of education and work experience.
• Deep specialized and/or broad functional knowledge in applied enterprise information security technologies including but not limited to firewalls, intrusion detection/prevention systems, network operating systems, identity management, database activity monitoring, encryption, content filtering, and Mainframe security.
• CISSP Certification.
• Previous experience in leading complex IT project