The Information Security Program Strategist III is a senior level information/cyber security technology specialist, business analyst, and data analyst. Works with key stakeholders, including senior leaders and executives, as well as LOBs to clearly define information security indicatives, vision and approach to meet security business needs, risks, exposures and remediation. Collaborate with key team stakeholders and application development teams to drive initiatives to completion and rollout, enhance security standards, integrate solutions and maintain the strategic direction of Information Security.
Essential Duties and Responsibilities:
Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.
1. Lead collaboration efforts with internal and external IT service providers and business units in evaluating and gathering technical requirements for business clients’ information security initiatives.
2. Work with cross-functional teams and shape client expectations by driving initiatives and matching outcomes to expectations.
3. Provide leadership and direction to ensure program elements including risk assessments, application development, project management, and ongoing operations reflect CIS requirements.
4. Act as a thought leader and trusted partner enabling business units to more aggressively leverage its capabilities to drive business value and strengthen its role in upholding company's competitive advantage.
5. Drive initiatives that improve communication and documentation of potential solutions, impact analysis, benefits/risks, implementation requirements, and recommended approach.
6. Remain aware of the corporate technology, infrastructure, standards, processes, and strategic direction and to use these tools to help guide the client in accomplishing their business goals.
7. Adhere to all policy and standards as well as regulatory requirements regarding reporting and escalations.
8. Provide mentorship to junior level consultants.
Required Skills and Competencies:
The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
1. Bachelor's degree in business administration, technology related field or equivalent education and related training.
2. 5-7 years of experience on integrating applications with any Federation product (CA, SailPoint, Okta, PING Federate, etc.)
3. Very strong understanding of federation protocols, Single Sign On and MFA concepts.
4. Hands on experience in implementing Multi Factor Authentication and Adaptive Authentication.
5. Extensive experience with securing, hardening, and maintaining systems with Multi factor capabilities like VASCO, OneSpan Identity Key Server or RSA SecureID.
6. A grounded understanding of applied enterprise information security technologies with Multi-factor Authentication.
7. Experience architecting IAM/MFA solutions within Microsoft Azure, Amazon Web Services (AWS) and, preferably, other cloud providers
8. Demonstrate critical thinking and problem solving skills.
9. Able to work independently with limited supervision.
10. Ability to work in a matrix management model and lead without direct authority.
11. Ability to work easily with diverse and dynamic teams.
12. Ability to travel, occasionally overnight.
13. Excellent communications skills with the ability to communicate up to Executive and Board of Directors level, both written and verbal, to both business and technology audiences.
1. At least one of the following certifications or equivalent experience: GCFA, GCIH, GCIA, GPEN, CEH, CISSP, CISM, CCNA and/or CISA certification
2. Experience working with Agile/Scrum teams.
3. Experience with IAM products/tools like SailPoint,OIAM & CA.
4. Adaptable to constant change and pressures of deadlines
5. Knowledge of financial services industry and all applicable regulations and industry standards
6. Bachelor’s degree in Computer Science or relevant field, or equivalent education and related training