Cybersecurity Architect Job at First Interstate in Billings
First Interstate, Billings, MT, United States, 59107
This position can be located in Billings, MT or Sioux Falls, SD.
What's Important to You
We know your career is just one aspect of a meaningful, complex, and demanding life. That's why we designed our compensation and benefits package to provide employees and their families with as much choice as possible.
- Generous Paid Time Off (PTO) in addition to paid federal holidays.
- Student debt employer repayment program.
- 401(k) retirement plan with a 6% match.
- The health and happiness of the places we call home matter to us. Learn a little more about what we do for the communities we serve, and why we want YOU to be a part of it.
We encourage you to apply. Reach for what you want and tell us why your work ethic and willingness to learn make you a natural fit for #TeamFirstInterstate.
SUMMARY
Plays an integral role in defining and assessing the organization's security strategy, architecture and practices at First Interstate Bank. Required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services.
ESSENTIAL DUTIES & RESPONSIBILITIES include the following: other duties may be assigned.
- Develops security strategy plans and roadmaps based on sound enterprise architecture practices for all environments including cloud and on-premise infrastructure.
- Develops and maintains security architecture artifacts (e.g., models, templates, standards and procedures) leveraging the Enterprise Architecture tool that can be used to understand and integrate security capabilities in projects and operations.
- Develops standards and assist in developing practices for data encryption and tokenization in the organization, based on the organization's data classification criteria.
- Drafts architecture security standards to be reviewed and approved by executive management and/or formally authorized by the Chief Information Security Officer (CISO).
- Documents and addresses organization's information security, cybersecurity architecture, and systems configuration and security engineering requirements throughout the acquisition life cycle.
- Performs security reviews, identifies gaps in security architecture, and develops a security risk management plan.
- Validates IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable.
- Coordinates with the Enterprise Architecture team to develop and maintain a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers.
- Collaborates with the IT teams to define baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation, identity and access management (IAM), and cloud deployments.
- Coordinates with the privacy officer or office to document data flows of sensitive information in the organization (e.g., PII or ePHI) and recommend controls to ensure that this data is adequately secured (e.g., encryption and tokenization).
- Liaises with the vendor management (VM) team to conduct security assessments of existing and prospective vendors, especially those with which the organization shares intellectual property (IP), as well as regulated or other protected data for third party providers.
- Evaluates the statements of work (SOWs) and master services agreements (MSAs) for these providers to ensure that adequate security protections are in place. Assesses the providers' audit reports for security-related deficiencies and required "user controls" and report any findings to the CISO and vendor management teams.
- Liaises with the internal audit (IA) team to review and evaluate the design and operational effectiveness of security-related controls.
QUALIFICATIONS
- Knowledge and experience with financial regulations such as Payment Card Industry Data Security Standard (PCI-DSS), Sarbanes-Oxley (SOX)
- Privacy Practices
- Gramm-Leach-Bliley Act (GLBA)
- NIST Cybersecurity Framework (CSF)
- Center for Internet Security (CIS) Critical Security Control
- Other cyber security frameworks, architecture, and technology
- Experience in using architecture frameworks such as The Open Group's TOGAF
- Direct, hands-on experience or strong working knowledge of managing security infrastructure - e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology, and vulnerability management tools
- Full-stack knowledge of IT infrastructure:
- Applications
- Databases
- Operating systems - Windows, Unix and Linux
- Hypervisors
- IP networks - WAN and LAN
- Storage networks - Fibre Channel, iSCSI and NAS
- Backup networks and media
- Containers/Kubernetes
- Public cloud services
- Securing public cloud services
EDUCATION & EXPERIENCE
- Bachelor's or Master's degree in computer science, information systems, cybersecurity or a related field. Is required.
- 1-3 years' Experience as a Cybersecurity Architect or Engineer designing or building multiple components of an IT or cybersecurity infrastructure.
- Certified Information Systems Security Professional preferred or
- Certified Information Systems Auditor preferred or
- Certified Information Security Manager preferred or
- Global Information Assurance Certification preferred
PHYSICAL DEMANDS AND WORKING ENVIRONMENT
The physical demands and work environment are representative of those that must be met or encountered to successfully perform the essential functions of the job. In compliance with the Americans with Disabilities Act, the company provides reasonable accommodation to qualified individuals with disabilities and encourages both prospective and current employees to discuss potential accommodations with the employer.
Dexterity of hands/fingers to operate computer keyboard and mouse - Frequently
Sitting - Frequently
Standing - Occasionally
Noise Level - Moderate
Regular and Predictable Attendance - Required
Typical Work Hours - M-F (8-5)
Lifting- Occasionally up to 50lbs
**If you are a current FIB employee, please apply through the Career Worklet in the Employee Portal.