The Cyber Security Lead will serve as a subject matter expert for their assigned team as it relates to the processes of cyber incident response, vulnerability analysis, digital forensics or eDiscovery. As a technical lead, this role requires strong analytical, critical thinking, and creative problem-solving capabilities to respond to the most complex and/or highest priority cyber incidents. This role requires a detailed working knowledge of current and emerging security technologies, industry trends, latest threats, countermeasures, and best practices, as well as the ability to strongly and effectively communicate this knowledge and make recommendations on future direction for the Cyber Security program of the bank.

Develops playbooks, processes, and procedures based upon industry best practices and relevant to the bank’s critical systems and business processes. Performs periodic quality assessments to ensure relevant processes and procedures are being performed as expected and planned, and provides recommendations for noted deficiencies. Represents assigned team on cross-functional IT project teams, as necessary. Responds to requests for reporting and periodic research projects, as deemed appropriate. Provides consistent mentorship, thought leadership, consulting, training, and hands-on assistance to fellow teammates and partners as it relates to their area of expertise. Monitors and delegates incoming workflow to peers and appropriate teammates, when required.

Qualifications
- Bachelor’s degree in Information Security, Information Technology, or Computer Science, with three or more years’ work experience in a cyber security-related role; OR at least five years of work experience in a cyber security-specific role with a demonstrable understanding of the cyber threat landscape as well as best practice prevention and detection techniques.
- In-depth, practical knowledge of information systems and ability to identify, apply, implement and drive cyber security best practices in an enterprise environment.
- Extensive, hands-on experience related to cyber security incident management; network, host and application security; intrusion analysis; malware analysis; vulnerability management & penetration testing; digital forensics or eDiscovery; as appropriate to assigned team.
- Advanced knowledge of cyber security tools such as: SIEM, IDS/IPS, Antivirus, anti-spam filtering, operating system security (Windows & Linux), network security technologies, penetration testing toolsets, or digital forensics and live memory forensics platforms, as appropriate to assigned team.
- Effective verbal and written communication skills for the purpose of presenting complex technical information, driving the implementation of best practice recommendations, and influencing business decisions.
- Demonstrated teamwork and collaboration skills.
- Strong time management skills and ability to manage priorities effectively.
- Demonstrated ability to provide direction and mentorship to teammates, peers and leaders.
- Published contributions to the information security community via academic, research, intelligence or information sharing channels.
- Three or more of the following (or similar) certifications: Security+, GSEC, GCIA, GCIH, GCFA, GCED, GPEN, GWAPT, GREM, CEH, CISSP (while certifications are appreciated and desired, hands-on work experience and passion to protect the organization, clients and teammates from cyber threats will be heavily weighted for this role).
Equal Opportunity Employer: SunTrust supports a diverse workforce and is a Drug Testing and Equal Opportunity Employer. SunTrust does not discriminate against individuals on the basis of race, creed, color, gender, religion, national origin

To review the EEO Poster, copy and paste the following link into your browser:
http://www1.eeoc.gov/employers/upload/eeoc_self_print_poster.pdf
http://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf