girl looking into her desktop
Back to search results

Sr Info Security Officer

Charlotte, North Carolina;

Job Description:

The Senior Subject Matter Expert (SSME) will be a member of the GCOR (Global Compliance and Operational Risk) Cyber Risk Center of Excellence group and will be responsible for defining the GCOR expectations for the rest of the bank with regard to Application Security Architecture / Application Development and Engineering. The successful SSME will be expected to set clear rules relating to risk appetite within the Application Security domain, engage with other SMEs relating to that topic to ensure understanding remains accurate and up-to-date, and will share their knowledge with the wider Cyber GCOR organization and the wider bank through targeted documentation, white papers, knowledge sharing sessions and other mechanisms, as appropriate.  In this role, the SSME will be documenting technology and/or processes, working with Cyber GCOR, GIS, and other technology partners in the course of governing and overseeing the information security program delivery.

Key responsibilities

  • Serve as a Senior Subject Matter Expert (SSME) and be available for consultation to provide guidance on complex or unique situations encountered by GCOR groups.
  • To understand industry advances in order to be able to identify opportunities or gaps in the risk mitigation relating to application security
  • Responsible for researching and documenting technologies and architecture patterns in order to provide informed and pragmatic challenge on information security practice relating to application security
  • Be a thought leader for the logical group of Application Security SMEs across Cyber GCORE; enable less skilled team members to consume relevant knowledge through the production of documentation, review guides and white papers, in order to help up-skill the wider logical team and to foster consistency of delivery
  • Work on thematic analysis and guidance to ensure a robust end-to-end view of risk relating to application security
  • To be able to articulate aspects relating to application security at both high level and low level, and to explain this at relevant leadership forums (Leadership Skills)
  • To be able to discuss/partner with regulators to help shape industry strategy for this topic

Required Skills

  • Strong experience in the information security aspects of Application Security Architecture / Application Development and Engineering:
  • Must have the ability to research and understand complex technology as well as Information Security Industry best practices and associated risks.
  • Must have strong verbal and written communication skills required to convey complex technology to others with different technical backgrounds.
  • Strong organizational skills, able to work effectively with minimal guidance
  • Ability to research, analyze, and identify improvements in order to quantify minimum expectations for technology implementations and risk mitigation programs

Other Beneficial Skills

  • Bachelor's and/or Master’s degree in Computer Science, Information Technology or related field, or equivalent experience (8 years+)
  • Experience would also be of benefit in one or more of the following information security areas:
  • Cryptography
  • Cloud technologies and products
  • Network Security
  • Artificial Intelligence
  • Mobile Application Security
  • Other technologies used within the bank, as appropriate

Job Band:

H4

Shift: 

1st shift (United States of America)

Hours Per Week:

40

Weekly Schedule:

Referral Bonus Amount:

0

Job Description:

The Senior Subject Matter Expert (SSME) will be a member of the GCOR (Global Compliance and Operational Risk) Cyber Risk Center of Excellence group and will be responsible for defining the GCOR expectations for the rest of the bank with regard to Application Security Architecture / Application Development and Engineering. The successful SSME will be expected to set clear rules relating to risk appetite within the Application Security domain, engage with other SMEs relating to that topic to ensure understanding remains accurate and up-to-date, and will share their knowledge with the wider Cyber GCOR organization and the wider bank through targeted documentation, white papers, knowledge sharing sessions and other mechanisms, as appropriate.  In this role, the SSME will be documenting technology and/or processes, working with Cyber GCOR, GIS, and other technology partners in the course of governing and overseeing the information security program delivery.

Key responsibilities

  • Serve as a Senior Subject Matter Expert (SSME) and be available for consultation to provide guidance on complex or unique situations encountered by GCOR groups.
  • To understand industry advances in order to be able to identify opportunities or gaps in the risk mitigation relating to application security
  • Responsible for researching and documenting technologies and architecture patterns in order to provide informed and pragmatic challenge on information security practice relating to application security
  • Be a thought leader for the logical group of Application Security SMEs across Cyber GCORE; enable less skilled team members to consume relevant knowledge through the production of documentation, review guides and white papers, in order to help up-skill the wider logical team and to foster consistency of delivery
  • Work on thematic analysis and guidance to ensure a robust end-to-end view of risk relating to application security
  • To be able to articulate aspects relating to application security at both high level and low level, and to explain this at relevant leadership forums (Leadership Skills)
  • To be able to discuss/partner with regulators to help shape industry strategy for this topic

Required Skills

  • Strong experience in the information security aspects of Application Security Architecture / Application Development and Engineering:
  • Must have the ability to research and understand complex technology as well as Information Security Industry best practices and associated risks.
  • Must have strong verbal and written communication skills required to convey complex technology to others with different technical backgrounds.
  • Strong organizational skills, able to work effectively with minimal guidance
  • Ability to research, analyze, and identify improvements in order to quantify minimum expectations for technology implementations and risk mitigation programs

Other Beneficial Skills

  • Bachelor's and/or Master’s degree in Computer Science, Information Technology or related field, or equivalent experience (8 years+)
  • Experience would also be of benefit in one or more of the following information security areas:
  • Cryptography
  • Cloud technologies and products
  • Network Security
  • Artificial Intelligence
  • Mobile Application Security
  • Other technologies used within the bank, as appropriate

Shift:

1st shift (United States of America)

Hours Per Week: 

40

Learn more about this role

Full time

JR-21034510

Band: H4

Manages People: No

Travel: Yes, 5% of the time

Manager:

Talent Acquisition Contact:

James Henry

Referral Bonus:

0