Cyber Defense Center Leader

Location:

127 Public Square - Cleveland, Ohio 44114

Job Summary
Key's Cyber Defense Center (CDC) provides monitoring, detection, protection, and analysis of Key's enterprise information systems and network assets by rapidly recognizing and responding to suspicious events and security incidents. Through an array of cybersecurity-relevant data sources, the CDC proactively and iteratively examines Key's network infrastructure to identify the potential existence of threats designed to evade current security controls. The CDC consists of the following teams:

Security Operations Center,
Cyber Threat Management,
Vulnerability Management,
Application Security,
Cyber Incident Management.

Reporting to the Deputy Chief Information Security Officer and Head of Corporate Information Security, the CDC Leader is ultimately responsible for executing decision-making authorities and establishing the strategic vision and direction of Key's Information Security Program and initiatives, in alignment with KeyBank's corporate strategies and risk appetite, while adhering to regulatory requirements.

Responsibilities

• In partnership with Key’s lines of business and risk partners, develop and implement Key’s cybersecurity risk management strategy and direction in alignment with Key’s enterprise risk tolerance, ensuring the confidentiality, integrity, and availability of Key’s information assets in accordance with regulatory requirements.
• Provide exceptional leadership and knowledge to support a range of enterprise cybersecurity activities in alignment with enterprise business and risk management goals.
• Oversee multiple teams and their support of lines of business and technology partners based on a superior understanding of their business and industry best practices.
• Demonstrate a proven history of successful problem-solving with a strong sense of ownership and urgency.
• Utilize in-depth security and technical background across a broad spectrum of technologies to develop and implement short- and long-term strategic risk mitigation plans while supporting business goals.
• Evaluate and recommend emerging technology/cybersecurity strategies, technologies, and processes.
• Proactively identify threats and implement countermeasures into the design of defensive strategies.
• Exhibit superior knowledge and aptitude across a broad spectrum of technologies.
• Strategically source and retain skilled security resources.
• Demonstrate aptitude for managing budgets and projects.
• Exhibit exceptional negotiating, writing, and presentation skills; oversee the delivery of the right message at the right time to lines of business; be a superior communicator with auditors, regulators, senior and executive management, and subordinates.
• Performs other duties as assigned; duties, responsibilities and/or activities may change or new ones may be assigned at any time with or without notice
• Complies with all KeyBank policies and procedures, including without limitation, acting professionally at all times, conducting business ethically, avoiding conflicts of interest, and acting in the best interests of Key’s clients and Key.

Education Qualifications

• Bachelor's Degree Computer Science, Information Security, or related field (required)

Experience Qualifications

• 10+ years Cybersecurity practitioner roles with increasing levels of responsibility; experience leading Security Operations Centers and Cyber Incident Management teams necessary. (required)
• 10+ years Leadership experience in a senior leadership role leading CDC teams. (required)
• 10+ years Cybersecurity practitioner roles with increasing levels of responsibility (required)
• 10+ years Experience leading Security Operations Centers and Cyber Incident Management teams (preferred)
• 10+ years Experience in operating and working with security operations solutions, building/maintaining processes for vulnerability assessment, remediation, event analysis, incident management, and threat identification. (required)
• 10+ years Experience in working in a heterogeneous technology environment (e.g., on-prem, cloud, and SaaS). (required)
• 10+ years Familiarity with implementing and maintaining programs to align with industry-leading security frameworks (e.g., NIST CSF 2.0, Cyber Risk Institute Profile, Cloud Security Alliance Cloud Controls Matrix). (required)

Core Competencies

• All KeyBank employees are expected to demonstrate Key’s Values and sustain proficiency in identified Leadership Competencies.

Physical Demands

• IT - Crawling, bending, walking, frequent lifting/carrying of up to 50 lbs., frequent use of hands to manipulate/grasp objects, frequent use of PC/laptop, routine pushing/pulling of empty or loaded carts, use of pallet jack to move equipment.

Travel

• Occasional travel to include overnight stay.

Driving Requirements

• Ability to occasionally operate a motor vehicle with a valid driver's license.

Key has implemented a role-based Mobile by Design approach to our employee workspaces, dedicating space to those whose roles require specific workspaces, while providing flexible options for roles which are less dependent on assigned workspaces and can be performed effectively in a mobile environment. As a result, this role may be Mobile or Home-based, which means you may work primarily either at a home office or in a Key facility to perform your job duties.

Job Posting Expiration Date: 09/09/2024

KeyCorp is an Equal Opportunity and Affirmative Action Employer committed to building a diverse, equitable and inclusive culture. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status or other protected category.

 

Qualified individuals with disabilities or disabled veterans who are unable or limited in their ability to apply on this site may request reasonable accommodations by emailing HR_Compliance@keybank.com.

#LI-Remote