Randstad Lead Cyber Risk Architect in McLean, Virginia
Lead Cyber Risk Architect
Date posted: Monday, August 7, 2017
Position Role Reports to: Lead Cyber Risk Architect
Corporate Title: Vice President
This position is aligned within the CISO Architecture team of the CSO group of Deutsche Bank. The team is responsible for developing and enforcing the enterprise security architecture across the Bank. Specifically, the Cyber Risk Team develops, refines, and implements the cyber architecture risk management process with a focus on holistic security risk reduction, efficiency and effectiveness.
As a Cyber Risk Architect, the candidate will be responsible for assessing the security architecture design of various applications within the bank using a risk-based approach to confirm compliance. The candidate, as a member of the security architecture team, will facilitate the understanding and shaping of the end-to-end security strategy, governance, and architecture across IT projects, architectures, and designs. The candidate will contribute key thoughts and ideas for protecting the overall enterprise security of the bank.
Additionally, the candidate will:
Engage with other elements of the Bank to ensure all security architecture assessment efforts are integrated with the Bank's overall IT vision/strategy/architecture
Participate in the identification and assessment of technology solutions and work with engineering teams to develop a strategic implementation roadmap for security technologies as necessary
Provide direction, oversight, advice and guidance to direct reports and functional teams to create and foster a culture of architectural excellence: 'Do it once, do it right'
Serve as a senior architect and technical lead supporting the Lead Cyber Risk Architect and Global Head of IT Security (GHITS) on IT security strategic planning, risk analysis and other related topics as necessary
Represent the Lead Cyber Risk Architect with technology planning and implementation activities as necessary
Documented experience assessing risk, developing cyber and information security, process, and frameworks, especially requirements definition and specifications
Detailed understanding of cybersecurity threats, vulnerabilities, protection measures, and technologies organizations face
Knowledge of the cybersecurity industry and measures/techniques applied to both measure and reduce risk
Excellent team leader and manager, able to work in virtual teams and a matrix organization
Documented experiences of senior level representation and team building skills
Strong stakeholder management & communication skills
Technical Skills and Certifications:
- At least one of the following certifications: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or Certified Information Systems Manager (CISM).
Desirable Skills and Certifications:
Experience working in large multilayer global organizations with competing IT interests and goals
Project Management Professional (PMP) certification
- Fluent in English (written/verbal)
Expected travel for this position is up to 10%.
Supports the development of an environment where people management and development is the number one priority. Coaches direct reports and others in the organisation, as appropriate
Actively supports the business strategy, plans and values, contributing to the achievement of a high performance culture
Takes ownership for own career management, seeking opportunities for continuous development of personal capability and improved performance contribution
Acts as a role model for new employees, providing help and support to facilitate early integration and assimilation of their new environment
Supports tough people decisions to ensure people performance is aligned with organisation imperatives and needs. Addresses individual performance issues, where necessary, to drive for high performance
Experience with information security governance in an enterprise setting
Familiarity with cyber security architecture using trusted computing model
Working knowledge of security services such as encryption, authentication, and intrusion detection and prevention architectures, Identity & Access Management, application security and network security
Working knowledge of IT management frameworks such as Control Objectives for Information and Related Technology (COBIT) and Information Technology Infrastructure Library (ITIL)
Familiarity with ISO 27001, 27002, and 27005.
Security auditing to include knowledge of financial industry regulations: Gramm-Leach-Bliley Act (GLBA), Payment Card Industry (PCI), Federal Financial Institutions Examination Council (FFIEC), and Monetary Authority of Singapore (MAS)
Experience working with a Global Financial Institution
Bachelor's degree (required)
15 years of progressive cybersecurity experience
Masters or Ph.D. in Computer Science, Computer Engineering, or Information Systems degree (Preferred)