This site uses cookies. To find out more, see our Cookies Policy
Skip to navigation
Skip to main content
Skip to footer

Information Security Strategy Architect in Columbus at Huntington

Date Posted: 3/8/2019

Job Snapshot

Job Description

This position can be filled at Easton in Columbus, OH or at Pittsburgh.

Brief Description:
Information Security Strategy Architect develops and deliver solutions that protect enterprise systems, applications and data by establishing strategies, policies and practices that prevent unauthorized access, use, disclosure, modification or disruption. The positiondevelops and delivers solutions for evaluating and mitigating enterprise IT security risks, establishing security policies and practices, implementing controls, and educating stakeholders. Applies industry security standards, best practices in infrastructure and application security, and threat assessment frameworks such as MITRE ATT&CK and Microsoft STRIDE to develop and communicate enterprise information security strategies. The position also closely follows the strategic business directionset by senior Huntington management when establishing information security strategies and roadmaps.
Ideal candidates should be experienced information security consultants with demonstrated experience advising on security strategy at the Chief Information Security Officer (CISO) level and above. Should possess a proven record of management experience, security thought leadership and be recognized for business acumen. It is preferred that the candidate have experience assessing gaps against multiple standards and frameworks including Payment Card Industry Data Security Standard (PCI-DSS), FFIEC, NIST, GLBA, HIPAA, etc. and have experience in formulating security roadmaps to bridge identified gaps. Candidates must be a self-starter, demonstrate communication skills, and exhibit professional business demeanor at all times.

Detailed Responsibilities:
*Lead workshops in order to understand organizational cybersecurity problems, expected outcomes, and formulate strategic direction to help address in the short, mid and long term
*Partner with other information security leadership team members to collectively build and drive information security programs, strategies, and roadmaps
*Working directly with business and technology organizations to design and implement security strategies and architectures across platforms and for a variety of security solutions
*Working with information security control domain leads and various partners to evaluate investments, staffing, target solutions, and cost of owner expectations
*Building business cases that include financial and risk reduction projections to articulate the mission and anticipated goals of a particular security strategy
*Performing security program assessments, documenting gaps, requirements analysis, and creating strategic implementation roadmaps
*Ability to understand business direction and create optimized security organizations and architectures to meet needs
*Ability to show return on investment for security and technology investments
*Ability to translate technical requirements into business terms for executive stakeholders
*Enhances security team accomplishments and competence by answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members

Basic Qualifications:
*Bachelor's degree
*Minimum 5 years of experience in information technology engineering or operations which includes 3 years of information security experience and 1 year compliance experience (FFIEC, PCI DSS, SOX, CobiT, HIPAA, or GLBA), Security consulting experience, or Architecture experience

Preferred Qualifications:
*Minimum of 1 years of management experience
*Strongly prefer industry-adopted security certifications (e.g. CISSP, CISA, CISM, CRISC, CEH)
*Experience with information security governance, data security and information privacy responsibility along with one or more of the following: security services, managed detection and response, cloud security strategy, system integration, SSDLC, vulnerability management, application security or secure DevOps
*Risk management framework experience (e.g. NIST 800-30)
*Experience with project management
*Eagerness to contribute in a team-oriented environment
*Ability to work creatively and analytically in a problem-solving environment
*Desire to work in a dynamic and fast paced information systems environment
*Excellent communication (written and oral) and interpersonal skills
*Comfortable with senior management (C-Level) interactions
*Demonstrated leadership, teamwork and collaboration in a professional setting

EEO/AA Employer/Minority/Female/Disability/Veteran/Sexual Orientation/Gender Identity Tobacco-Free Hiring Practice: Visit Huntington's Career Web Site for more details. Huntington does not accept solicitation from Third Party Recruiters for any position.