Security Executive Advisors are senior-level security risk consultants who create synergies between the cyber security and technology organizations in the company by establishing and maintaining effective relationships with senior IT leaders within one or more Segments / Lines of Business. Security Executive Advisors also provide innovative thought leadership on how to ensure enterprise-wide initiatives are securely designed and implemented across enterprise architecture, infrastructure, applications, and business processes, by leveraging industry standards, best practices, applicable regulations, or experience.
This role facilitates creating positive partnerships by regularly engaging with senior IT leaders, conducting workshops, facilitating working groups, presenting regularly at senior staff meetings, discussing security issues with technical staff, evaluating system security designs, and other means, to drive the enterprise security strategy further into the business, and ensure that core business capabilities are effectively protected from today’s cyber threats.
Qualifications
· Bachelor’s degree and 8 years of experience in IT security or an equivalent combination of education and work experience.
· Deep specialized and/or broad functional knowledge.
· Sound understanding of business and organizational strategies and processes.
· Ability to interpret internal and external business challenges and recommend best practices.
· Ability to lead complex projects. Sophisticated analytical skills and the ability to solve complex technical and business problems.
· Ability to influence others at senior levels to adopt a new perspective.
· Comprehensive knowledge of security-related technologies, such as Cisco PIX firewall OS, Nokia Checkpoint firewall OS, TCP/IP, DNS, SATAN, CyberCop, ISS, nmap, IBM Secure Way, and/or Web Single Sign-On (SSO).
· Developing and recommending designs for the implementation of both technology and cyber security solutions
· Proven experience implementing security or other solutions following a systems development lifecycle (agile, waterfall, DevOps, etc.)
· Proven experience influencing at all levels of a technology organization, from development teams to CTO or CIO level.
· 2 – 3 years of experience implementing basic to moderately complex security systems in at least one of the following areas: network security, host-based security, software security, monitoring & incident response, vulnerability management, cloud security, identity management, encryption, threat intelligence, DLP, or other security domains
· Proven experience articulating highly technical risk concepts to all audiences, from top leadership, to staff-level developers and architects, in both verbal and written form
· Prior management experience with direct responsibility over leading teams
· Experience designing security into cloud-based systems (SaaS, PaaS, IaaS)
· Command of Windows & Linux-based operating systems and database concepts
· Command of fundamental host, network, and security concepts, such as, but not limited to, IP routing, DNS, stateful packet inspection, packet analysis, intrusion prevention, crypto-systems, configuration management, or virtualization
· Minimum of one of the following cyber security certifications: CISM, CISSP, CISA, CSSLP, C|CISO (other management-level security certifications may also be considered)
Equal Opportunity Employer: SunTrust supports a diverse workforce and is a Drug Testing and Equal Opportunity Employer. SunTrust does not discriminate against individuals on the basis of race, creed, color, gender, religion, national origin
To review the EEO Poster, copy and paste the following link into your browser: http://www1.eeoc.gov/employers/upload/eeoc_self_print_poster.pdf http://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf