Back to search results

Business Information Security Officer (BISO) - Cloud /Network Architecture

Denver, Colorado;

Job Description:

The Senior Information Security Officer will be a member of the Business Information Security Officer's (BISO) organization and work closely with the line of business Chief Information Officers (CIOs)/Chief Technology Officers (CTOs). In this role, you will be supporting a group/team to develop a deep understanding of the business in order to have specialized information security risk-based discussions. This relationship will ensure a focus on the right risk priorities. You will also provide guidance on information security topics, policies and controls.

Scale/Scope
• Possess strong / experienced application development and/or application security background; with solid knowledge of SDLC from design, testing, deployment to post-production and the different risk elements associated with each step.
• Serves as an Information Security subject matter expert and participates in the development, implementation and maintenance of information security for the line of business (LOB)
• Provides guidance and advocacy regarding the prioritization of LOB investments that impact information security
• Advises LOB management on risk issues related to information security and recommends actions in support of the bank's wider risk management and compliance programs
• Monitors information security trends internal and external to the bank and keeps LOB leadership informed about information security-related
• Manages quality control and reporting
• Ensures compliance with policies and laws

Risk Management
• Drives GIS/LOB risk deliverables
• Collaborates with risk partners on info security critical priorities
• Participates in senior LOB specific Risk Management & Business Continuity Routines
• Identifies and measures global information security (GIS) controls on most critical business processes or channels

Leadership/Strategy
• Has a deep understanding of security for computing platforms (PaaS)
• Has a solid grasp of security in big data and other instructed large data structures
• Ability to build strong Partner relationships with peer technology groups and supported LOB
• Supports the triage process with the client and helps them understand the GIS support structure
• Drives required risk culture and partnership with peer technology teams and supported LOB
• Participates in key CIO operating routines to drive information security risk strategy

Required Skills
• Information Security & Technology professional with 10+ years’ experience
• 5+ years of risk management experience with proven ability to effectively apply risk principles to challenging business situations
• Subject matter expertise in application security, vulnerability testing and development of risk appetite
• Experience evaluating cyber security controls and providing guidance for platform or distributed computing platforms (Cloud, PaaS)
• Experience with information security for No SQL, Big Data , and unstructured data stores (Cassandra, Hadoop, and /or Teradata)
• Knowledge in Windows, Midrange and Mainframe Platforms with emphasis on security and access controls.
• Exceptional executive presentation and communication skills
• Excellent influencing and problem resolution skills
• Ability to be comfortable delivering messages across a wide spectrum of individuals having varying degrees of technical understanding
• Strong leadership skills and qualities which enable you to work with peers and various levels of management

Additional Skills:

-  Prior management of app management/development with strong SDLC aptitude
-  Prior network or infrastructure administrative role with strong understanding of security architecture and access management
-  Prior technical experience in security companies that develop and implement security controls (e.g. McAfee, Symantec, NetApp, etc.) and solutions design

-  Demonstration of project management AND execution - strategic management

-  Executive presence and ability to translate complex concepts to senior audience with risk v. reward understanding

-  Ability to influence senior management through indirect management and partnership tactics



Desired Skills:
• Bachelors and/or Master’s degree in Computer Science, Information Technology or related field

Shift:

1st shift (United States of America)

Hours Per Week: 

40

Learn more about this role

Full time

JR-20007196

Manages People: No

Travel: Yes, 5% of the time

Manager:

Talent Acquisition Contact:

Referral Bonus: