Oversees highly complex risk assessment and information security compliance programs or processes. Responsible for helping ensure alignment between security strategy and business strategy, participating in cross-functional design sessions, and staying educated on cloud security technologies. Applies an in-depth understanding of information security practices, risk management, and cloud deployment models (IaaS, PaaS, and SaaS). Identifies and resolves technical, operational, risk management, and organizational challenges. This role will lead and support cloud strategy and initiatives through:
- Defining adoption methodology for governance, risk, and compliance components of cloud security
- Consulting with cross-functional key stakeholders to ensure operational and strategic alignment
- Determining cloud security governance models based on industry guidelines and internal policies and standards
- Communicating complex concepts for cloud adoption
May manage an on-going relationship with a business unit with highly complex needs. Researches, investigates, conducts quality reviews, analysis, and development of recommendations for cloud security issues. Provides insights and recommendations to managers, suppliers, and other business resources in support of cloud security needs to meet business objectives and regulatory requirements. Provides expertise on highly complex IT security issues that have enterprise implications for SunTrust. Significantly contributes to the development and refinement of processes to provide better security governance solutions. Serves as an advanced technical expert on cloud security governance. Initiates and coordinates large projects that require cross-functional input and coordination. May participate in IT security development initiatives. Interprets internal/external business challenges and recommends best practices. Uses sophisticated analytical thought to exercise judgment and identify innovative solutions. Mentors less experienced teammates to build technical expertise. May have people management responsibilities.
Minimum Requirements: Bachelor’s degree and 8 years of experience in IT security or an equivalent combination of education and work experience. Deep specialized and/or broad functional knowledge. Sound understanding of business and organizational strategies and processes. Ability to interpret internal and external business challenges and recommend best practices. Ability to lead complex projects. Sophisticated analytical skills and the ability to solve complex technical and business problems. Ability to influence others at senior levels to adopt a new perspective. Comprehensive knowledge of security-related technologies, such as
Cisco PIX firewall OS, Nokia Checkpoint firewall OS, TCP/IP, DNS, SATAN, CyberCop, ISS, nmap, IBM Secure Way, and/or Web Single Sign-On (SSO).
Preferred Requirements: Master’s degree or MBA and 10 years of experience or an equivalent combination of education and work experience. Experience in a program/project leadership role. Certifications in CCSP, CCSK, CISSP, CISM. Cloud designations (e.g. AWS Cloud Security Architect - Professional). Relevant work experience with AWS and/or Azure. Banking or financial services experience. Comprehensive knowledge and work experience with cloud security and one or more of the following frameworks: NIST, GLBA, PCI.
Equal Opportunity Employer: SunTrust supports a diverse workforce and is a Drug Testing and Equal Opportunity Employer. SunTrust does not discriminate against individuals on the basis of race, creed, color, gender, religion, national originTo review the EEO Poster, copy and paste the following link into your browser: http://www1.eeoc.gov/employers/upload/eeoc_self_print_poster.pdf http://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf