Information Security Architect I

This is a remote role that may be hired in several markets across the United States.

This position is responsible for identifying, analyzing, and assessing security risks within a designated unit within the Bank's information systems and technological architecture. May provide consultative guidance on security strategies, projects, and risk mitigation efforts. Ensures compliance with security and architectural standards. Provides support to security services through a variety of methods that enhance defenses for the Bank's information security architecture.

• Business Support - Facilitates engagement between clients and the information security services catalog. Ensures compliance with architectural and security requirements. Performs assessments of existing and new solutions to ensure adherence with approved architecture standards.
• Security Architecture - Assess the Business Units information technology and computer systems to identify strengths and weaknesses. Assists with the enhancement, and documentation of Information Technology (IT) security architecture. Works with peer staff to integrate security design requirements into the system development life cycle. Drives projects and initiatives to ensure security objectives are achieved.
• Security Strategy - Implements and executes security strategies. Assists with defining security baselines and standards to include technical configuration standards. Supports the implementation of security controls, guidelines, recommendations, and best practices. Aligns assigned projects with information security standards and compliance objectives.
• Awareness - Maintains a strong knowledge of emerging risks and trends. Assists the IT Risk and Compliance team in developing education and awareness program materials.

Bachelor's Degree and 4 years of experience in Information Technology including Information Security OR High School Diploma or GED and 8 years of experience in Information Technology including Information Security

Preferred Area of Experience: Security EngineeringLicense or Certification Type: Possesses or is working toward at least one of the following security certifications CISSP, GIAC, CISM, or OSCP

PreferredSkill(s): Proven consulting and relationship management skills and the ability to leverage key working relationships with business units, vendors, and IT staff.

Effective communicator, capable of effectively translating and presenting complex technical concepts to both technical and non-technical management and customers, through oral presentations and written media (white papers and demonstrations).

Familiarity with one or more standard security related frameworks (NIST-Cyber, CoBIT, ISO, etc.)

Experience with modern programming languages such as Java, JavaScript, Visual Basic, C++, C, C#, PYTHON, PERL, etc.

Knowledge of understanding of security principles and their application in an enterprise IT environment

Knowledge of various platform technologies including internet, network, distributed systems, desktop computing, voice, and threat management technologies.

Experienced with enterprise security controls including malware protection, firewalls, intrusion detection systems, content filtering, internet proxies, encryption controls, and log management solutions.

Knowledge of tiered application architectures, web front-ends/server-side apps, application, and relational databases

Experience with APIs: REST, SOAP, SOA and other integrations into the system development life cycle. Drives projects and initiatives to ensure security objectives are achieved

Direct experience with secure application development, application security risk mitigation techniques.

The base pay for this position is generally between $128,000 and $197,000. Actual starting base pay will be determined based on skills, experience, location, and other non-discriminatory factors permitted by law. For some roles, total compensation may also include variable incentives, bonuses, benefits, and/or other awards as outlined in the offer of employment.

This job posting is expected to remain active for 45 days from the initial posting date listed above. If it is necessary to extend this deadline, the posting will remain active as appropriate. Job postings may come down early due to business need or a high volume of applicants

Benefits are an integral part of total rewards and First Citizens Bank is committed to providing a competitive, thoughtfully designed and quality benefits program to meet the needs of our associates. More information can be found at https://jobs.firstcitizens.com/benefits.