Logo
First Interstate

Cybersecurity Architect

First Interstate, Sioux Falls, South Dakota, United States, 57102


**If you are a current FIB employee, please apply through the Career Worklet in the Employee Portal.

This position can be located in Billings, MT or Sioux Falls, SD.What's Important to YouWe know your career is just one aspect of a meaningful, complex, and demanding life. That's why we designed our compensation and benefits package to provide employees and their families with as much choice as possible.Generous Paid Time Off (PTO) in addition to paid federal holidays.Student debt employer repayment program.401(k) retirement plan with a 6% match.The health and happiness of the places we call home matter to us. Learn a little more about what we do for the communities we serve, and why we want YOU to be a part of it.We encourage you to apply. Reach for what you want and tell us why your work ethic and willingness to learn make you a natural fit for

#TeamFirstInterstate.SUMMARYPlays an integral role in defining and assessing the organization's security strategy, architecture and practices at First Interstate Bank. Required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services.ESSENTIAL DUTIES & RESPONSIBILITIES

include the following: other duties may be assigned.Develops security strategy plans and roadmaps based on sound enterprise architecture practices for all environments including cloud and on-premise infrastructure.Develops and maintains security architecture artifacts (e.g., models, templates, standards and procedures) leveraging the Enterprise Architecture tool that can be used to understand and integrate security capabilities in projects and operations.Develops standards and assist in developing practices for data encryption and tokenization in the organization, based on the organization's data classification criteria.Drafts architecture security standards to be reviewed and approved by executive management and/or formally authorized by the Chief Information Security Officer (CISO).Documents and addresses organization's information security, cybersecurity architecture, and systems configuration and security engineering requirements throughout the acquisition life cycle.Performs security reviews, identifies gaps in security architecture, and develops a security risk management plan.Validates IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable.Coordinates with the Enterprise Architecture team to develop and maintain a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers.Collaborates with the IT teams to define baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation, identity and access management (IAM), and cloud deployments.Coordinates with the privacy officer or office to document data flows of sensitive information in the organization (e.g., PII or ePHI) and recommend controls to ensure that this data is adequately secured (e.g., encryption and tokenization).Liaises with the vendor management (VM) team to conduct security assessments of existing and prospective vendors, especially those with which the organization shares intellectual property (IP), as well as regulated or other protected data for third party providers.Evaluates the statements of work (SOWs) and master services agreements (MSAs) for these providers to ensure that adequate security protections are in place. Assesses the providers' audit reports for security-related deficiencies and required "user controls" and report any findings to the CISO and vendor management teams.Liaises with the internal audit (IA) team to review and evaluate the design and operational effectiveness of security-related controls.QUALIFICATIONSKnowledge and experience with financial regulations such as Payment Card Industry Data Security Standard (PCI-DSS), Sarbanes-Oxley (SOX)Privacy PracticesGramm-Leach-Bliley Act (GLBA)NIST Cybersecurity Framework (CSF)Center for Internet Security (CIS) Critical Security ControlOther cyber security frameworks, architecture, and technologyExperience in using architecture frameworks such as The Open Group's TOGAFDirect, hands-on experience or strong working knowledge of managing security infrastructure - e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology, and vulnerability management toolsFull-stack knowledge of IT infrastructure:

ApplicationsDatabasesOperating systems - Windows, Unix and LinuxHypervisorsIP networks - WAN and LANStorage networks - Fibre Channel, iSCSI and NASBackup networks and mediaContainers/KubernetesPublic cloud servicesSecuring public cloud services

EDUCATION & EXPERIENCEBachelor's or Master's degree in computer science, information systems, cybersecurity or a related field. Is required.1-3 years' Experience as a Cybersecurity Architect or Engineer designing or building multiple components of an IT or cybersecurity infrastructure.Certified Information Systems Security Professional preferred orCertified Information Systems Auditor preferred orCertified Information Security Manager preferred orGlobal Information Assurance Certification preferredPHYSICAL DEMANDS AND WORKING ENVIRONMENTThe physical demands and work environment are representative of those that must be met or encountered to successfully perform the essential functions of the job. In compliance with the Americans with Disabilities Act, the company provides reasonable accommodation to qualified individuals with disabilities and encourages both prospective and current employees to discuss potential accommodations with the employer.Dexterity of hands/fingers to operate computer keyboard and mouse - FrequentlySitting - FrequentlyStanding - OccasionallyNoise Level - ModerateRegular and Predictable Attendance - RequiredTypical Work Hours - M-F (8-5)Lifting- Occasionally up to 50lbs**If you are a current FIB employee, please apply through the Career Worklet in the Employee Portal.