Purpose of the Job:
This role is responsible for securing the bank’s HR, Finance and Risk technology
assets. This role provides security controls design input for Enterprise
Technology and Data architectures. This role acts as the single-point-of-contact
for security services engagement that may be required for Enterprise Technology
and Data teams. This senior leadership role oversees security by design,
security by default, secure development and validation needs of the Enterprise
Technology and Data initiatives tailored to the needs of the Risk, Finance and
HR functions of the bank.
\n
Main Activities:
- Acts as cyber security champion and ambassador for Enterprise Technology and
Data team and actively engages with the leadership team to support business
outcomes with security advisory services.
- Ensures seamless onboarding to the right security services as needed.
- Act as liaison between Cyber Subject Matter Expert teams and the Enterprise
Technology and data team ensuring right-sized security engagements.
- Provide security control design input for Data and Enterprise apps
initiatives, ensuring control design is right-sized, risk based and meet
regulatory and compliance security requirements.
- Engage with Enterprise Technology & Data and business teams (risk, finance
and Human resources) to ensure security controls implementation and
remediation are prioritized as needed.
- Develop tools, documentation that will enable Enterprise technology and data
teams efficiently embed security into practices of building, releasing and
maintaining technology systems under their purview (shift-left initiatives)
Knowledge/Skill Requirements:
- A college diploma or university degree in computer science (or related
course) or Industry recognized certifications (e.g. CISSP) with 7 years cyber
security experience is required.
- Minimum of 8 years of technical IT experience.
- Minimum of 6 years of Cyber Security experience
- Minimum of 2 years of experience with enterprise data platforms, Enterprise
resource planning or similar solutions.
- Strong knowledge of cyber security frameworks, controls and practices
- Strong engineering or security architecture knowledge, (prior hands-on
technology engineering experience is preferred)
- Microsoft Azure solutions Architect expert, Microsoft Cyber security
Architect Expert, Sherwood Applied Business Security Architecture (SABSA)
Foundation, Practitioner or Master level designations, TOGAF certifications
are a plus
- Strong experience architecting and implementing solutions in Cloud
environments (Microsoft Azure)
- Strong experience with data architecture, data engineering or security
consulting for similar technologies.
- Strong experience documenting architecture flows and diagrams.
- Good knowledge of cyber threats, risks and control design best practices.
- People & resource management
- Strategic and Financial Planning
- Process design and implementation experience is a plus
- Technology Roadmaps
- Ownership & Accountability
\n
