First Horizon Bank
Description
Location: Memphis, TN
Weekly Schedule: Monday- Friday: 9am-5pm
Primary Responsibilities
Manages solution design from conception, through ARB, to delivery
Primarily responsible for producing architecture documentation for security applications as assigned and as projects and programs of work dictate
Maintains First Horizon’s Security Architecture Pattern Inventory (across identity, data, application, network, and cloud) as a member of the Core Enterprise Architecture Team
Leads security design workshops and POC efforts for new (security) capabilities
Validates 3rd Party/Vendor Solutions for security concerns
Aligns Information Security Technology strategy and planning with First Horizon’s business goals and objectives
Promotes the use of a shared infrastructure and application roadmap to reduce costs and improve how assets are secured
Builds and maintains technical trusted advisor relationships with influential technical decision makers within Technology
Works with engineers to ensure that technical solutions as delivered align with Information Security Standards and Policies
Works with Portfolio technology leaders to include IT Risk and Security Exception initiatives in portfolio roadmap
Manage Encryption Standards: key management, tokenization for payments, DLP/classification/handling; architect PCI DSS segmentation boundaries and compensating controls.
Manage Network/Zero Trust Standards: microsegmentation across Azure and colocation; secure branch/office connectivity; define workload identity and continuous verification patterns; enforce least privilege.
Detection/telemetry: Publish Splunk logging schema, retention, and correlation strategies; onboard logs from Azure, Colo, API Gateways, IAM, CyberArk, MFaaS, and core platforms; drive ATT&CK‑aligned detections and forensic readiness.
Secure SDLC and supply chain: Operationalize threat modeling; collaboratively define CI/CD control overlays with DevOps; establish artifact signing/SBOM standards; ensure secrets handling and container/Kubernetes baselines where applicable.
Governance and risk: Maintain control overlays mapped to FFIEC/GLBA/PCI/NIST; lead design reviews; manage exceptions with remediation timelines; produce audit-ready decision records in partnership with the CISO team.
Payments and third-party/SaaS: Define intake and security requirements for MFaaS, Salesforce, ServiceNow, FIS/Fiserv/Bottomline integrations—identity, logging, data handling, and PCI scoping.
Physical security integration: Align building access, video, and visitor systems with identity and logging patterns; coordinate incident playbooks with Corporate/PhysicalSecurity.
Enablement and influence: Mentor senior architects and engineering associates; lead communities of practice; communicate strategy, benefits, and trade-offs to executives and delivery teams.
Requirements
Bachelor's degree in Computer Science, Management Information Systems, or related field
(12+) years of Information Security experience
(7+) years of Security Architecture
Experience in regulated financial services
Experience with Azure security architecture across multi-tenant/region and hybrid environments; strong Zero Trust and network segmentation expertise
Regulatory fluency: FFIEC, GLBA, PCI DSS; practical NIST CSF/800-53 mapping; MITRE ATT&CK‑aligned detection design.
Experience with technical documentation like interaction diagrams, process diagrams, network topologies and other architectural content
Experience with Agile/SAFe methodologies
Experience with Enterprise Architecture Governance: ARB/design councils, exception handling, and audit narratives; ability to set and harmonize enterprise standards.
Certifications/Licensures
Strongly preferred: CISSP or CompTIA Security+ Microsoft Azure Security Engineer or Azure Solutions Architect Expert
Preferred: CCSP; CISM or CRISC; SANS GCSA or GCLD; PCI Professional (PCIP) or equivalent GIAC enterprise defense/IR certifications
Skills And Competencies
Ability to adapt to new technologies and learn quickly
Enterprise architectural leadership across identity, cloud, application, data, and network security.
IAM for associates (Entra ID, Active Directory) and clients (Transmit Security, ForgeRock/Ping, or Okta); OAuth/OIDC; phishing‑resistant MFA/passkeys; PAM integration and privileged pathway design.
Integration Security: FAPI, OAuth2.0, FDX, mTLS, rate limiting, schema validation, abuse/bot mitigation, CIAM integration, OWASP, and high-quality telemetry to Splunk.
Secure SDLC and supply chain: threat modeling, pipeline security, artifact signing/SBOM, dependency hygiene, and secrets management.
Communication, influence, and enablement: ability to translate risk to business impact, drive adoption, and coach peers and engineers.
Ownership and execution: measurable risk reduction, pattern adoption, and cross‑team collaboration.
About Us First Horizon Corporation is a leading regional financial services company, dedicated to helping our clients, communities and associates unlock their full potential with capital and counsel. Headquartered in Memphis, TN, the banking subsidiary First Horizon Bank operates in 12 states across the southern U.S. The Company and its subsidiaries offer commercial, private banking, consumer, small business, wealth and trust management, retail brokerage, capital markets, fixed income, and mortgage banking services. First Horizon has been recognized as one of the nation's best employers by Fortune and Forbes magazines and a Top 10 Most Reputable U.S. Bank. More information is available at www.FirstHorizon.com (https://urldefense.com/v3/__https:/www.firsthorizon.com/__;!!Cz2fjcuE!hpq9hPnrucZCPIAVPojVESItIq-FPzhurNdCrQ3JE8Rkx3gMd70nIk6_kmPxl66_oJCEsXs0gNunPowMAMHCmBYPOtUxUGI$) .
Benefit Highlights • Medical with wellness incentives, dental, and vision
• HSA with company match
• Maternity and parental leave
• Tuition reimbursement
• Mentor program
• 401(k) with 6% match
• More -- FirstHorizon.com/First-Horizon-National-Corporation/Careers/Our-Benefits
Follow Us Facebook (https://www.facebook.com/FirstHorizonBank)
X formerly Twitter
LinkedIn (http://www.linkedin.com/company/first-horizon-bank)
Instagram
YouTube (https://www.youtube.com/channel/UCEVs5OMj-b0H9Dr5Q209_-Q)
Equal Opportunity Employer / Protected Veterans / Individuals with Disabilities This employer is required to notify all applicants of their rights pursuant to federal employment laws.
For further information, please review the Know Your Rights notice from the Department of Labor. For further information, please review the Know Your Rights (https://www.eeoc.gov/poster) notice from the Department of Labor.
#J-18808-Ljbffr
Weekly Schedule: Monday- Friday: 9am-5pm
Primary Responsibilities
Manages solution design from conception, through ARB, to delivery
Primarily responsible for producing architecture documentation for security applications as assigned and as projects and programs of work dictate
Maintains First Horizon’s Security Architecture Pattern Inventory (across identity, data, application, network, and cloud) as a member of the Core Enterprise Architecture Team
Leads security design workshops and POC efforts for new (security) capabilities
Validates 3rd Party/Vendor Solutions for security concerns
Aligns Information Security Technology strategy and planning with First Horizon’s business goals and objectives
Promotes the use of a shared infrastructure and application roadmap to reduce costs and improve how assets are secured
Builds and maintains technical trusted advisor relationships with influential technical decision makers within Technology
Works with engineers to ensure that technical solutions as delivered align with Information Security Standards and Policies
Works with Portfolio technology leaders to include IT Risk and Security Exception initiatives in portfolio roadmap
Manage Encryption Standards: key management, tokenization for payments, DLP/classification/handling; architect PCI DSS segmentation boundaries and compensating controls.
Manage Network/Zero Trust Standards: microsegmentation across Azure and colocation; secure branch/office connectivity; define workload identity and continuous verification patterns; enforce least privilege.
Detection/telemetry: Publish Splunk logging schema, retention, and correlation strategies; onboard logs from Azure, Colo, API Gateways, IAM, CyberArk, MFaaS, and core platforms; drive ATT&CK‑aligned detections and forensic readiness.
Secure SDLC and supply chain: Operationalize threat modeling; collaboratively define CI/CD control overlays with DevOps; establish artifact signing/SBOM standards; ensure secrets handling and container/Kubernetes baselines where applicable.
Governance and risk: Maintain control overlays mapped to FFIEC/GLBA/PCI/NIST; lead design reviews; manage exceptions with remediation timelines; produce audit-ready decision records in partnership with the CISO team.
Payments and third-party/SaaS: Define intake and security requirements for MFaaS, Salesforce, ServiceNow, FIS/Fiserv/Bottomline integrations—identity, logging, data handling, and PCI scoping.
Physical security integration: Align building access, video, and visitor systems with identity and logging patterns; coordinate incident playbooks with Corporate/PhysicalSecurity.
Enablement and influence: Mentor senior architects and engineering associates; lead communities of practice; communicate strategy, benefits, and trade-offs to executives and delivery teams.
Requirements
Bachelor's degree in Computer Science, Management Information Systems, or related field
(12+) years of Information Security experience
(7+) years of Security Architecture
Experience in regulated financial services
Experience with Azure security architecture across multi-tenant/region and hybrid environments; strong Zero Trust and network segmentation expertise
Regulatory fluency: FFIEC, GLBA, PCI DSS; practical NIST CSF/800-53 mapping; MITRE ATT&CK‑aligned detection design.
Experience with technical documentation like interaction diagrams, process diagrams, network topologies and other architectural content
Experience with Agile/SAFe methodologies
Experience with Enterprise Architecture Governance: ARB/design councils, exception handling, and audit narratives; ability to set and harmonize enterprise standards.
Certifications/Licensures
Strongly preferred: CISSP or CompTIA Security+ Microsoft Azure Security Engineer or Azure Solutions Architect Expert
Preferred: CCSP; CISM or CRISC; SANS GCSA or GCLD; PCI Professional (PCIP) or equivalent GIAC enterprise defense/IR certifications
Skills And Competencies
Ability to adapt to new technologies and learn quickly
Enterprise architectural leadership across identity, cloud, application, data, and network security.
IAM for associates (Entra ID, Active Directory) and clients (Transmit Security, ForgeRock/Ping, or Okta); OAuth/OIDC; phishing‑resistant MFA/passkeys; PAM integration and privileged pathway design.
Integration Security: FAPI, OAuth2.0, FDX, mTLS, rate limiting, schema validation, abuse/bot mitigation, CIAM integration, OWASP, and high-quality telemetry to Splunk.
Secure SDLC and supply chain: threat modeling, pipeline security, artifact signing/SBOM, dependency hygiene, and secrets management.
Communication, influence, and enablement: ability to translate risk to business impact, drive adoption, and coach peers and engineers.
Ownership and execution: measurable risk reduction, pattern adoption, and cross‑team collaboration.
About Us First Horizon Corporation is a leading regional financial services company, dedicated to helping our clients, communities and associates unlock their full potential with capital and counsel. Headquartered in Memphis, TN, the banking subsidiary First Horizon Bank operates in 12 states across the southern U.S. The Company and its subsidiaries offer commercial, private banking, consumer, small business, wealth and trust management, retail brokerage, capital markets, fixed income, and mortgage banking services. First Horizon has been recognized as one of the nation's best employers by Fortune and Forbes magazines and a Top 10 Most Reputable U.S. Bank. More information is available at www.FirstHorizon.com (https://urldefense.com/v3/__https:/www.firsthorizon.com/__;!!Cz2fjcuE!hpq9hPnrucZCPIAVPojVESItIq-FPzhurNdCrQ3JE8Rkx3gMd70nIk6_kmPxl66_oJCEsXs0gNunPowMAMHCmBYPOtUxUGI$) .
Benefit Highlights • Medical with wellness incentives, dental, and vision
• HSA with company match
• Maternity and parental leave
• Tuition reimbursement
• Mentor program
• 401(k) with 6% match
• More -- FirstHorizon.com/First-Horizon-National-Corporation/Careers/Our-Benefits
Follow Us Facebook (https://www.facebook.com/FirstHorizonBank)
X formerly Twitter
LinkedIn (http://www.linkedin.com/company/first-horizon-bank)
YouTube (https://www.youtube.com/channel/UCEVs5OMj-b0H9Dr5Q209_-Q)
Equal Opportunity Employer / Protected Veterans / Individuals with Disabilities This employer is required to notify all applicants of their rights pursuant to federal employment laws.
For further information, please review the Know Your Rights notice from the Department of Labor. For further information, please review the Know Your Rights (https://www.eeoc.gov/poster) notice from the Department of Labor.
#J-18808-Ljbffr