Cybersecurity Architect - Principal

DescriptionThe Cybersecurity Architect - Principal reports to the Cybersecurity Architect Senior Manager and frequently interacts with the Chief Information Security Officer, as well as audit and compliance. The Cybersecurity Architect - Principal is responsible for designing security solutions that protect business and customer data, but also allow the business to execute and innovate.

The Cybersecurity Architect - Principal works closely with many diverse and dynamic teams, including, but not limited to, security engineering, IT infrastructure, application development, security operations, security audit and end users. This position is also responsible for architecting solutions to secure business-to-business initiatives, third-party relationships, outsourced solutions and vendors.

The Cybersecurity Architect - Principal provides expert guidance for addressing current security issues but has the foresight to see where the industry is headed and proactively deliver optimal secure solutions. The architect is expected to think like an adversary and identify how solutions should evolve as the threat landscape changes.

The position is 40% security architecture, 50% technical leadership, and 10% research and development. The individual partners with product managers and solution architects to set the security direction of offerings and articulates the value proposition.  Also, the position provides guidance to Line of Business CIOs and is the final approver of information security controls on projects.

Guides businesses to leverage common information security patterns
Partners with subject matter experts to improve information security patterns and services

Duties and Responsibilities:

• Deliver cybersecurity architecture work associated with projects delivery and roadmaps
• Provide technical leadership to the cybersecurity organization
• Perform research and development associated with enabling future cybersecurity capabilities

Basic Qualifications:

• 4+ years cybersecurity architecture
• 8+ years of information security experience
• 10+ years of experience delivering technology solutions in large-scale complex organizations
• Associate's Degree

 
Preferred Qualifications:

Extensive knowledge of traditional security controls and technologies, such as:

• Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), public key infrastructure (PKI), identity and access management (IDAM) systems, antivirus and firewalls.
• Newer offerings such as endpoint detection and response (EDR),  threat intelligence platforms, security automation and orchestration, deception technologies and application controls
• Experience with a broad range of mobile and wed application design, development, and management principles, practices, and procedures 
• Experience influencing management on technical and business solutions
• Experience in cloud computing technologies, including software-, infrastructure and platform-as-a-service, as well as public, private and hybrid environments
• Excellent verbal, written, and interpersonal communication skills
• Knowledge and understanding of data protection technologies and practices
• Knowledge and understanding of threat analysis and assessment of potential and current information security risk/threats
• Strong understanding of application or software security such as: dynamic application security testing, secure code review, and secure static code analysis
• Knowledge and understanding of cryptography and key management
• Knowledge and understanding of service-oriented architecture and associated security controls
• Knowledge and understanding of enterprise authentication and authorization technologies such as LDAP, SAML, XACML, and reverse authenticating proxies.
• General understanding of diverse platforms and operating systems, including current and emerging technologies
• Certified Information Systems Security Professional (CISSP)
•  5+ years of experience in architecture, governance, risk management, PCI DSS control governance, application security, encryption, key management, and identity and access management
• Experience architecting applications for financial services business

#Hybrid

#LI-SG1

#LI-BM1

Exempt Status: (Yes = not eligible for overtime pay) (No = eligible for overtime pay)

Yes

Workplace Type:

Office

Our Approach to Office Workplace Type

Certain positions outside our branch network may be eligible for a flexible work arrangement. We’re combining the best of both worlds:  in-office and work from home. Our approach enables our teams to deepen connections, maintain a strong community, and do their best work. Remote roles will also have the opportunity to come together in our offices for moments that matter. Specific work arrangements will be provided by the hiring team.

Huntington is an Equal Opportunity Employer.

Tobacco-Free Hiring Practice: Visit Huntington's Career Web Site for more details.

Note to Agency Recruiters:  Huntington Bank will not pay a fee for any placement resulting from the receipt of an unsolicited resume.  All unsolicited resumes sent to any Huntington Bank colleagues, directly or indirectly, will be considered Huntington Bank property. Recruiting agencies must have a valid, written and fully executed Master Service Agreement and Statement of Work for consideration.