The Senior Information Security Officer will be a member of the Business Information Security Officer's (BISO) organization and work closely with the line of business Chief Information Officers (CIOs)/Chief Technology Officers (CTOs). In this role, you will be supporting the Real Time Communications and Productivity Team to develop a deep understanding of the business in order to have specialized information security risk-based discussions. This relationship will ensure a focus on the right risk priorities. You will also provide guidance on information security topics, policies and controls. Additionally, this role will support strategic and highly visible portfolio rollouts - M365, Mobile Modernization and Virtual Desktop.

Scale/Scope

• Possess strong / experienced cybersecurity engineering and/or application security background; with solid knowledge of SDLC from design, testing, deployment to post-production and the different risk elements associated with each step.
• Serves as an Information Security subject matter expert and participates in the development, implementation and maintenance of information security for the line of business (LOB)
• Provides guidance and advocacy regarding the prioritization of LOB investments that impact information security
• Advises LOB management on risk issues related to information security and recommends actions in support of the bank's wider risk management and compliance programs
• Consults on Virtual Desktop strategy, design, implementation and migration
• Resilient infrastructure
• Stateful to stateless
• Consults on Mobile security strategy, design, implementation and migration for LOB projects
• For key initiatives - Assess security opportunities and challenges and partner to determine best future state
• Influence and drive collaboration across teams for key initiatives, bringing in key stakeholders
• Serve as subject matter expert in BISO process and participate in training for new employees
• Monitors information security trends internal and external to the bank and keeps LOB leadership informed about information security-related issues
• Serve as the backup for teammate responsible for supporting our End User Platforms - another high profile & visible portfolio
• For key initiatives - Assess security opportunities and challenges and partner to determine best future state
• Manages quality control and reporting
• Ensures compliance with policies and laws

Required Skills
• Information Security & Technology professional with 10+ years of experience in application development and/or Information Security
• 5+ years of risk management experience with proven ability to effectively apply risk principles to challenging business situations
• Subject matter expertise in application security, cloud security, DevSecOps, application architecture, design patterns, vulnerability testing and development of risk appetite
• Experience evaluating cyber security controls and providing guidance for platform or distributed computing platforms, including (Cloud/SaaS/IaaS/PaaS)
• Knowledge in Windows, Midrange and Mainframe Platforms with emphasis on security and access controls.
• Exceptional executive presentation and communication skills
• Excellent influencing and problem resolution skills
• Ability to be comfortable delivering messages across a wide spectrum of individuals having varying degrees of technical understanding
• Strong leadership skills and qualities which enable you to work with peers and various levels of management

Desired Skills
• Experience working on cloud implementations in Microsoft Azure, Amazon Web Services and Google Cloud Platform environments
• Bachelors and/or Master's degree in Computer Science, Information Technology or related field

Shift:
1st shift (United States of America)

Hours Per Week:
40

Pay Transparency details

US - CO - Denver - 1144 15th St (CO9926), US - DC - Washington - 1800 K St NW - 1800 K Street NW (DC1842)

Pay and benefits information

Pay range

$141,700.00 - $206,100.00 annualized salary, offers to be determined based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.

Benefits

This role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.