Huntington Bancshares Incorporated.
Columbus, OH, United States
It, Project Management
Information Security Strategy Architect develops and deliver solutions that protect enterprise systems, applications and data by establishing strategies, policies and practices that prevent unauthorized access, use, disclosure, modification or disruption. The positiondevelops and delivers solutions for evaluating and mitigating enterprise IT security risks, establishing security policies and practices, implementing controls, and educating stakeholders. Applies industry security standards, best practices in infrastructure and application security, and threat assessment frameworks such as MITRE ATT&CK and Microsoft STRIDE to develop and communicate enterprise information security strategies. The position also closely follows the strategic business directionset by senior Huntington management when establishing information security strategies and roadmaps.
Ideal candidates should be experienced information security consultants with demonstrated experience advising on security strategy at the Chief Information Security Officer (CISO) level and above. Should possess a proven record of management experience, security thought leadership and be recognized for business acumen. It is preferred that the candidate have experience assessing gaps against multiple standards and frameworks including Payment Card Industry Data Security Standard (PCI-DSS), FFIEC, NIST, GLBA, HIPAA, etc. and have experience in formulating security roadmaps to bridge identified gaps. Candidates must be a self-starter, demonstrate communication skills, and exhibit professional business demeanor at all times.
*Lead workshops in order to understand organizational cybersecurity problems, expected outcomes, and formulate strategic direction to help address in the short, mid and long term
*Partner with other information security leadership team members to collectively build and drive information security programs, strategies, and roadmaps
*Working directly with business and technology organizations to design and implement security strategies and architectures across platforms and for a variety of security solutions
*Working with information security control domain leads and various partners to evaluate investments, staffing, target solutions, and cost of owner expectations
*Building business cases that include financial and risk reduction projections to articulate the mission and anticipated goals of a particular security strategy
*Performing security program assessments, documenting gaps, requirements analysis, and creating strategic implementation roadmaps
*Ability to understand business direction and create optimized security organizations and architectures to meet needs
*Ability to show return on investment for security and technology investments
*Ability to translate technical requirements into business terms for executive stakeholders
*Enhances security team accomplishments and competence by answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members
*Minimum 5 years of experience in information technology engineering or operations which includes 3 years of information security experience and 1 year compliance experience (FFIEC, PCI DSS, SOX, CobiT, HIPAA, or GLBA), Security consulting experience, or Architecture experience
*Minimum of 1 years of management experience
*Strongly prefer industry-adopted security certifications (e.g. CISSP, CISA, CISM, CRISC, CEH)
*Experience with information security governance, data security and information privacy responsibility along with one or more of the following: security services, managed detection and response, cloud security strategy, system integration, SSDLC, vulnerability management, application security or secure DevOps
*Risk management framework experience (e.g. NIST 800-30)
*Experience with project management
*Eagerness to contribute in a team-oriented environment
*Ability to work creatively and analytically in a problem-solving environment
*Desire to work in a dynamic and fast paced information systems environment
*Excellent communication (written and oral) and interpersonal skills
*Comfortable with senior management (C-Level) interactions
*Demonstrated leadership, teamwork and collaboration in a professional setting
EEO/AA Employer/Minority/Female/Disability/Veteran/Sexual Orientation/Gender Identity
Tobacco-Free Hiring Practice: To demonstrate our commitment to health and wellness, Huntington will not hire any candidate who uses tobacco or any nicotine product including, but not limited to, cigarettes, cigars, pipes, smokeless tobacco, chewing tobacco, snuff or snus, nicotine gum, the nicotine patch or any other kind of nicotine replacement product (where permitted by applicable state law). Candidates applying for positions in those states will be notified of this practice during the recruitment process and, if offered a position, will be screened for cotinine (to check for use of tobacco and/or nicotine products and/or nicotine replacement therapy products) before they begin employment. If the position to which you're applying is covered by this practice, the job application will provide greater detail as to what constitutes tobacco use.
Huntington does not accept solicitation from Third Party Recruiters for any position.
Huntington Bancshares Incorporated.
Website : https://www.huntington.com/
Welcome to Huntington. Thank you for your interest in learning more about us. Founded in 1866 as The Huntington National Bank, today Huntington Bancshares Incorporated still operates from the same Columbus, Ohio founding location in the heart of the Midwest. As of January 25, 2017, Huntington Bancshares Incorporated is a $100 billion asset regional bank holding company.