The Senior Information Security Officer will be a member of the Business Information Security Officer's (BISO) organization and work closely with the line of business Chief Information Officers (CIOs)/Chief Technology Officers (CTOs). In this role, you will be supporting the Global Information Security (GIS) Team, developing a deep understanding of this enterprise control function to have specialized information security risk-based discussions. This relationship will ensure a focus on the right risk priorities. You will also provide guidance on information security topics, policies, and controls. Additionally, this role will support GIS strategy and a highly visible Cyber Security Technology initiative portfolio.

Scale/Scope
• Serves as an Information Security subject matter expert and participates in the development, implementation and maintenance of information security for GIS
• Provides guidance and advocacy regarding the prioritization of investments that impact information security
• Engage with GIS SLT leaders and their teams to raise awareness of policies, standards and process changes that can impact their initiative portfolio
• Gain a strong understanding of GIS initiatives in order to share with the BISO SLT and their teams
• Monitors information security trends internal and external to the bank and keeps leadership informed
• Review platform architecture & data flow diagrams to identify security gaps
• Consults on GIS strategy, design, implementation and migration for technology initiatives
• Assess security opportunities and challenges and partner to determine best future state
• Influence and drive collaboration across teams for key initiatives, bringing in key stakeholders
• Serve as subject matter expert in BISO processes and participate in training and mentoring of new employees
• Monitors information security trends (internal and external to the bank) and keeps GIS leadership and their teams informed about information security-related issues
• Manages quality control and reporting
• Ensures compliance with policies and laws

Required Skills
• Information Security & Technology professional with 10+ years of experience in application development and/or Information Security
• 5+ years of risk management experience with proven ability to effectively apply risk principles to challenging business situations
• Subject matter expertise in application security, cloud security, DevSecOps, application architecture, design patterns, vulnerability testing and development of risk appetite
• Experience evaluating cyber security controls and providing guidance for platform or distributed computing platforms, including (Cloud/SaaS/IaaS/PaaS)
• Knowledge in Windows, Midrange and Mainframe Platforms with emphasis on security and access controls.
• Exceptional executive presentation and communication skills
• Excellent influencing and problem resolution skills
• Ability to be comfortable delivering messages across a wide spectrum of individuals having varying degrees of technical understanding
• Possess strong / experienced cybersecurity engineering and/or application security background; with solid knowledge of SDLC from design, testing, deployment to post-production and the different risk elements associated with each step.
• Strong leadership skills and qualities which enable you to work with peers and various levels of management

Desired Skills:
• Experience working on cloud implementations in Microsoft Azure, Amazon Web Services and Google Cloud Platform environments
• Bachelors and/or Master's degree in Computer Science, Information Technology or related field

This job will be open and accepting applications for a minimum of seven days from the date it was posted.

Shift:
1st shift (United States of America)

Hours Per Week:
40

Pay Transparency details

US - CO - Denver - 1144 15th St (CO9926), US - DC - Washington - 1800 K St NW - 1800 K Street NW (DC1842)

Pay and benefits information

Pay range

$141,700.00 - $206,100.00 annualized salary, offers to be determined based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.

Benefits

This role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.