Cybersecurity Principal Architect – Business Applications Architect Position Available In Mecklenburg, North Carolina

The position is described below. If you want to apply, click the Apply Now button at the top or bottom of this page. After you click Apply Now and complete your application, you’ll be invited to create a profile, which will let you see your application status and any communications. If you already have a profile with us, you can log in to check status.

Need Help?

If you have a disability and need assistance with the application, you can request a reasonable accommodation. Send an email to Accessibility (accommodation requests only; other inquiries won’t receive a response).

Regular or Temporary:

RegularLanguage Fluency:

English (Required)

Work Shift:

1st shift (United States of America)Please review the following job description:

Responsible for defining and maintaining cyber security architecture and technology plans with a focus on researching emerging technology, best practices, and applicable regulatory/compliance requirements then applying them to enable business solutions. Ensure that security controls are reliable and supports business initiatives and future growth through coordination with the Truist architectural community, Corporate Cyber Security (CCS) Engineering, Application Delivery Services and other stakeholders. Act as a lead subject matter expert on cyber capabilities, best practices, and security controls for your aligned applications and technology stacks. Initially, primary focus will be in Identity and Access Management and Cloud Security domains.

Essential Duties and Responsibilities Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time. Lead the planning, creation, and management of security architecture deliverables, including but not limited to requirements, solution designs, patterns, building blocks, target architectures, policies, standards, and guidance for all applicable platforms and environments to influence CCS, Enterprise Technology, and line of business decision making.

Acts as thought leader in new technology innovation, incubation, introduction and implementation critical to the CCS roadmap and Truist’s success. Build roadmap for acquiring, integrating, and implementing high-value technology and processes. Oversee efforts (e.g. proof of concepts) to measure and prove new technology value.

Lead development of system security context and preliminary system security concept of operations and define baseline system security requirements in accordance with applicable regulations and standards.

Create and maintain system security context and preliminary system security concept of operations and define baseline system security requirements in accordance with applicable regulations and standards.

Ensure that all acquired or developed security systems and security architectures integrate with enterprise security architecture.

Establish strong relationships with key technology stakeholders and create convergence by demonstrating credibility, empathy and expertise on business and technical issues. Facilitate, communicate, collaborate, and persuade others in the definition, adoption and implementation of a coherent architecture.

Evaluate existing or emerging technologies to consider factors such as cost, security, compatibility and usability and ensure security product lifecycles are managed proactively.

Demonstrate comprehensive experience and skill in Information Security (InfoSec) and cyber security technology and practices necessary to negotiate and persuade technology direction on security principals and tenets such as confidentiality, integrity, availability, authentication and non-repudiation.

Perform security reviews, identify gaps in security architecture and develop security risk management plans.

QualificationsRequired Qualifications:

The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Bachelor’s degree in Business, Management, MIS-related field, or equivalent education and related trainingTwelve years of progressively responsible leadership experience in Information/Cyber SecurityComprehensive experience in network security architecture, including design tools, methods, and techniques and the application of Defense-in-Depth principles; knowledge of network design processes, including understanding of security objectives, operational objectives and tradeoffsThorough knowledge of The Open Group Architecture Framework (TOGAF), including infrastructure, data, information security, applications, architectural concepts, and associated disciplines

Knowledge of:

Mainframe security, including access control, monitoring, integration with non-mainframe technologies, and virtualizationAuthentication and authorization technologies including remote accessApplication security and the security development lifecycle and ability to apply to client-server and web-based application development environmentsEnterprise databases and database security, including database activity monitoring and database access control technologiesEncryption methods and technologies for data-in-transit and data-at-rest scenariosIncident response processesDenial of Service prevention mechanismsFirewall technologies and intrusion prevention methodsCloud technologies and hostingOperating system hardeningVirtualization technologiesMobile technologiesEncryption and key management technologiesEndpoint Protection (includes malware)Data Loss Protection technologiesExperience with peripheral component interconnect and other security audit processes, evidence gathering and development/management of remediation plans used in resolution of finding

Preferred Qualifications:

Highly Preferred Qualifications & ExperienceBroad knowledge across a wide range security and technology domains, and deep knowledge/experience in Identity and Access Management (IAM) and securing complex AWS and Azure architecturesUnderstanding of security foundations, frameworks, and standards such as hardening, least privilege, attack surface reduction, NIST SP800-series, NIST Cybersecurity Framework, Common Criteria, FFIEC, FISMA/Fed

RAMP, PCI DSS, CIS

Benchmarks, and similar.

Applies in-depth and specialized expertise and/or a significant breadth of expertise in own professional discipline and other related disciplines.

Interprets internal/external business challenges and recommends best practices to improve products, processes, or services.

Mentors less experienced teammates to build their own technical expertise. Impacts the achievement of client, operational, project, service, and risk management objectives.

Works independently, with guidance in only the most complex and unusual situations.

Relevant industry experience: Financial services / Fintech industry experience (most desired) or other highly regulated / highly secured industry experience (ex. energy, PCI Level 1 merchant, big tech).Specific solution expertise is desired in the following areas:

Digital Commerce, Digital Banking and Financial Systems architectureLarge data management architecture and integrationsAttack protection and mitigation technologies•DDoS, WAF, Bot, etc.

AWS / Azure Cloud•application migration, fit for purpose, etc.

Multifactor authentication, Risk Based AuthenticationApplication authentication modelsApplication Security•OWASP control and evaluation criteriaCryptographic technology•Transit encryption, storage encryption, Hash, KMS, Digital Signature, etc.

Federated Identity Management / Identity Providers / Single Sign On (SSO)Client authentication approaches for “anti-bot” technologies, signaling, and fraud preventionNice to

Have Preferred Qualifications & ExperienceCertification:

CISSP, ISSAP, AWS, AZURE, SANS and/or TOGAF certificationsMasters degree in: Computer Science, Information Systems, Security, or other closely related field.

Experience with Agile Scrum (Daily Standup, Sprint Planning and Sprint Retrospective meetings)Consulting or professional services backgroundsIdeal candidate will also have experience in the following areasDeveloping patterns, building blocks, target architectures, policies, standards, and guidance for all applicable platformsContainerization, Micro-services, API, CI/CDContent Delivery technologiesFintech integration

OTHER JOB REQUIREMENTS / WORKING

CONDITIONSVisual / Audio / SpeakingAble to access and interpret client information received from the computer and able to hear and speak with individuals in person and on the phone.

Manual Dexterity / KeyboardingAble to work standard office equipment, including PC keyboard and mouse, copy/fax machines, and printers.

AvailabilityAble to work all hours scheduled, including overtime as directed by manager/supervisor and required by business need.

TravelUp to 25%General Description of Available Benefits for

Eligible Employees of Truist Financial Corporation:

All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits, though eligibility for specific benefits may be determined by the division of Truist offering the position. Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates. Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays. For more details on Truist’s generous benefit plans, please visit our Benefits site. Depending on the position and division, this job may also be eligible for Truist’s defined benefit pension plan, restricted stock units, and/or a deferred compensation plan. As you advance through the hiring process, you will also learn more about the specific benefits available for any non-temporary position for which you apply, based on full-time or part-time status, position, and division of work.

Truist is an Equal Opportunity Employer that does not discriminate on the basis of race, gender, color, religion, citizenship or national origin, age, sexual orientation, gender identity, disability, veteran status, or other classification protected by law. Truist is a Drug Free Workplace.

EEO is the Law Pay Transparency Nondiscrimination Provision E-VerifyPDN-9f0a29fb-2800-424b-9c29-3c9b0df7377e