Truist Inc

Senior Cybersecurity Enterprise Architect Identity & Access Management

Truist Inc, Charlotte, North Carolina, United States, 28245

Job Posting

The position is described below. If you want to apply, click the Apply Now button at the top or bottom of this page. After you click Apply Now and complete your application, you'll be invited to create a profile, which will let you see your application status and any communications. If you already have a profile with us, you can log in to check status.

Regular or Temporary: Regular
Language Fluency: English (Required)
Work Shift: 1st shift (United States of America)

Job Description

Responsible for defining and maintaining cyber security architecture and technology plans, with a focus on driving modernization for, and improving automation and maintainability of, Truist's Identity and Access Management (IAM) solutions. Defines target architecture, sets strategy, partners with solutions architects to craft solutions architectures, and researches emerging technology/best practices, with an emphasis on applying technology to enable business solutions. Educates and evangelizes IAM solutions for the Enterprise. Ensures that Corporate Cyber Security (CCS) solutions and infrastructure are reliable and support business initiatives and future growth, through coordination with the IAM engineering team, the Truist architectural community, cybersecurity engineering, the Cloud Platform Team, application development, and other stakeholders.

Essential Duties and Responsibilities

Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.

Guides the transformation of Identity and Access Management (IAM) ecosystem architecture for the enterprise, with an understanding of how to balance business agility, maintainability, and security to meet business objectives.

Cultivates trusted partnerships with key Subject Matter Experts and technology stakeholders by demonstrating credibility, empathy and expertise in both business and technical domains.

Facilitates alignment through clear communication, collaborative problem-solving, and persuades others in the definition, adoption and implementation of architecture solutions.

Applies sound judgement and pragmatic decision-making to determine when to pursue new/target capabilities versus extending existing services, with a focus on achieving measurable business outcomes.

Serves as the enterprise expert on a variety of IAM areas, including Microsoft Entra ID (formerly Azure AD), Microsoft Active Directory (AD), identity federation (SAML, OAuth, OpenID), Single Sign On (SSO), Role Based Access Control (RBAC), and Software as a Service (SaaS) access control integration.

Demonstrates strong knowledge of architecture (not only for IAM) in at least one Cloud Service Provider (CSP), either Amazon Web Services (AWS) or Microsoft Azure. Builds skills and expertise in multiple CSPs over time.

Drives innovation and operational excellence by architecting automated solutions such as code automation pipelines (CICD), and integration of DevSecOps and governance principles into deployed solutions.

Serves as a thought leader, mentor, and educator in new technology innovation, particularly in IAM.

Builds roadmap and target patterns for acquiring, integrating, and implementing high-value IAM technology and processes. Oversees efforts (e.g. proofs of concept) to measure and prove new technology value.

Leverages Truist policies and standards, and incorporates industry best practices, to define baseline system security requirements in accordance with applicable regulations and standards.

Evaluates existing and emerging technologies, considering factors such as cost, security, compatibility and usability, and ensures security product lifecycles are managed proactively.

Demonstrates comprehensive experience and skill in Information Security (InfoSec) and cyber security technology and practices necessary to guide technology direction on security principles and tenets such as confidentiality, integrity, availability, authentication and non-repudiation.

Performs security design reviews, identifies gaps in security architectures, and develops security risk management plans.

Qualifications

Required Qualifications:

Bachelor's degree in Business, Management, MIS-related field, or equivalent education and related training

Twelve years of progressively responsible leadership experience in Information/Cyber Security

Comprehensive experience in network security architecture, including design tools, methods, and techniques and the application of Defense-in-Depth principles; knowledge of network design processes, including understanding of security objectives, operational objectives and tradeoffs

Thorough knowledge of The Open Group Architecture Framework (TOGAF), including infrastructure, data, information security, applications, architectural concepts, and associated disciplines

Knowledge of the following: Mainframe security, including access control, monitoring, integration with non-mainframe technologies, and virtualization; Authentication and authorization technologies including remote access; Application security and the security development lifecycle and ability to apply to client-server and web-based application development environments; Enterprise databases and database security, including database activity monitoring and database access control technologies; Encryption methods and technologies for data-in-transit and data-at-rest scenarios; Incident response processes; Denial of Service prevention mechanisms; Firewall technologies and intrusion prevention methods; Cloud technologies and hosting; Operating system hardening; Virtualization technologies; Mobile technologies; Encryption and key management technologies; Endpoint Protection (includes malware); Data Loss Protection technologies

Experience with peripheral component interconnect and other security audit processes, evidence gathering and development/management of remediation plans used in resolution of findings

Preferred Qualifications:

Demonstrated experience and knowledge working with IAM solutions and multiple Cloud Service Providers (CSPs), such as Amazon Web Services (AWS) and Microsoft Azure.

Industry regulations, standards and frameworks utilized include (but are not limited to) National Institute of Standards and Technology (NIST), Federal Financial Institutions Examination Council (FFIEC), Payment Card Industry Data Security Standards (PCI-DSS), Cyber Risk Institute (CRI), New York State Department of Financial Services (NYDFS), Cloud Security Alliance Cloud Controls Matrix (CSA-CCM), Sarbanes-Oxley Act (SOX), and Gramm-Leach-Bliley Act (GLBA).

Information security and control certifications (e.g. CISSP, ISSAP, CISM).

Master's degree in Computer Science, Information Systems, Business, or other degree related to the position.

Other Job Requirements / Working Conditions

Sitting: Constantly (More than 50% of the time)

Visual / Audio / Speaking: Able to access and interpret client information received from the computer and able to hear and speak with individuals in person and on the phone.

Manual Dexterity / Keyboarding: Able to work standard office equipment, including PC keyboard and mouse, copy/fax machines, and printers.

Availability: Able to work all hours scheduled, including overtime as directed by manager/supervisor and required by business need.

Travel: Minimal and up to 10%

General Description of Available Benefits for Eligible Employees of Truist Financial Corporation: All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits, though eligibility for specific benefits may be determined by the division of Truist offering the position. Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates. Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays.

For more details on Truist's generous benefit plans, please visit our Benefits site. Truist is an Equal Opportunity Employer that does not discriminate on the basis of race, gender, color, religion, citizenship or national origin, age, sexual orientation, gender identity, disability, veteran status, or other classification protected by law. Truist is a Drug Free Workplace.