| •Providing a secure and trustworthy customer journey is one of our most important objectives. In order to expand our cybersecurity capabilities, DFS is seeking a Cybersecurity Architecture Specialist within the designated regional Cybersecurity Team to help implement and maintain a global AE strategy. The Cybersecurity Architecture Specialist will report directly to the Regional Information Security Officer (RISO)
•The main objective for the Cybersecurity Architecture Specialist is to review, evaluate and implement cybersecurity solutions that promote interoperability and manageability throughout the systems development life cycle while meeting DFS' risk management needs and business requirements
Task description
•The Specialist will assess, design, deploy and maintain security architectures, solutions and technologies in a manner that promotes interoperability and manageability
-Evaluate acquired or developed systems to ensure alignment with DFS cybersecurity strategy
-Develop and provide implementation guidance to ensure enterprise components at the regional and market levels are properly integrated and aligned with global strategies, polices and standards
-Conduct architecture meetings with relevant stakeholders as needed to collaborate on AE strategy and implementations
-Assist in the creation of design documents for global, regional, and market driven initiatives
-Identify and evaluate tools and techniques to capture, model and analyze security architecture options
-Maintain a consistent set of reference cyber architectures and their alignment to technical, service and business architectures as required within the region
•The Specialist will be responsible for the deployment of cybersecurity solutions in alignment with business needs, DFS architectural principles, security protection requirements, and required functionality throughout the systems development life cycle
-Support the deployment of cybersecurity solutions in compliance with DFS' global cybersecurity policies and standards
-Define impact of new systems or applications to DFS’ cybersecurity posture
•The Specialist is responsible for keeping abreast of the latest trends in cybersecurity architecture and risk management
-Stay current on industry leading practices and technologies
-Actively contribute to requests for input and feedback into global Security Operations data protection and vulnerability management initiatives
-Facilitate meetings with business members and participate in projects relating to changes in security architecture and solutions
•The Specialist will deploy and operate application security capabilities, solutions and requirements consistently across the region
-Systemically identify and document application level vulnerabilities
-Communicate identified vulnerabilities and recommended mitigation strategies
-Coordinate with the markets and monitor remediation activities
-Provide guidance and recommendations for remediating application vulnerabilities
-Track and report on remediation status
-Facilitate and deliver targeted application security training |
| •Education
-Bachelor’s or Master’s degree in Computer Science, Information Security, Information Systems, Computer Engineering, or a related field is required
•Experience
-Minimum of 5 years of relevant work experience in cybersecurity architecture and engineering
-Experience in building architectures and frameworks while applying cybersecurity principles
-Experience in system and network planning and integration into proposed business solutions
-Experience with one or more general purpose programming languages including but not limited to: Java, C/C++, Objective C, Python, and JavaScript
-Experience in network mapping and environmental discovery
-Experience in developing and implementing physical and logical countermeasures to identified security risks
-Experience interacting with development teams to articulate requirements and processes while collaborating on architecture and engineering design options, implementation, testing and user acceptance
-Experience identifying, evaluating and managing risk in a complex and changing environment
-Experience discerning an organization’s security controls for information systems and networks based on vulnerabilities and business needs
-Experience working on a global team is preferred. Financial Services, Fintech and/or Banking and automotive experience preferred
-Strong cybersecurity architecture and engineering experience in a large complex business organization
-Requirements/Knowledge
-Deep understanding of a large organization’s IT architectural concepts and patterns
-Highly proficient in network security, firewall and ACL rules, network protocols and operation of physical and logical network devices and infrastructure
-Highly skilled in implementation of secure application architectures, encryption technologies, cryptography and key management, and authentication and control of application permissions
-Strong understanding of systems development life-cycle (SDLC)
-Highly proficient in the configuration and deployment of cybersecurity tools and solutions in complex environments.
-An understanding of emerging technology and digital trends and their impacts on cybersecurity
-Strong understanding of risk-based decision-making
-Deep understanding of the operational impacts of cybersecurity lapses
-High level of time management, organizational skills, and attention to detail with integrity and ownership of work
-Solid ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means
-Working knowledge of TOGAF and SABSA methodologies for creation of baseline and target architectural blueprints
-At least one of the following certifications is required or must be obtained within your first 12 months of employment at DFS: CISSP, CCNA, CCENT, CCNP, GSEC, or MCSA |
