Head of Security Technology

27 Apr 2024
Georgia, Atlanta, 30301 Atlanta USA

The position is described below. If you want to apply, click the Apply Now button at the top or bottom of this page. After you click Apply Now and complete your application, you'll be invited to create a profile, which will let you see your application status and any communications. If you already have a profile with us, you can log in to check status.

Need Help? (https://www.brainshark.com/bbandt/careers-site-faq)

If you have a disability and need assistance with the application, you can request a reasonable accommodation. Send an email to Accessibility (careers@truist.com?subject=Accommodation%20request) (accommodation requests only; other inquiries won't receive a response).

Regular or Temporary: Regular

Language Fluency: English (Required)

Work Shift: 1st shift (United States of America)

Please review the following job description:

The Head of Security Technology is critical for safeguarding the institution's digital assets, customer information, and ensuring the integrity of our financial services in a highly regulated environment. The role encompasses overseeing the development and implementation of our security architecture and engineering frameworks to ensure robust protection of our information systems and customer data. The successful candidate will demonstrate a blend of technical expertise, leadership skills, and an understanding of the financial services landscape. The role will set the vision; establish effective standards/processes; set/monitor quality performance expectations/results. Interface with senior executives across the enterprise to develop a strategic plan for delivering Information Technology (IT) solutions which address critical business requirements. Partner with line of business (LOB) leaders to secure the appropriate investment level in technology to achieve business goals and be an advocate for the business partners within IT. Maintain a focus on improving delivery effectiveness, software and data quality, and risk mitigation. Integrate people, process and technology in order to increase client shareholder value.

ESSENTIAL DUTIES AND RESPONSIBILITIES

Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.

Primary Roles & Responsibilities

Strategy and Leadership: Set strategic direction for security technology in alignment with the Business Strategy and Technology standards and provide thought leadership in the development of an enterprise strategic IT plan. Lead, inspire, and manage a high-performing team of security architects and engineers. Lead the information security technology team, fostering a culture of innovation, agility, and continuous improvement. Collaborate with senior management across departments to integrate security practices into the organizational fabric, fostering a security-first mindset. Define and lead the institution's information security architecture and engineering strategy, aligning with business goals and regulatory compliance. Foster a culture of continuous improvement, professional growth, and knowledge sharing within the team.

Technology Solutions: Maintain a high level of awareness and understanding of existing and emerging technologies, as well as industry and bank issues, to effectively match them. End to end accountability to identify and design security solutions that best protect the business operations of the enterprise. Design and maintain a secure architectural blueprint for the organization, addressing all layers of the tech stack in alignment with industry best practices and regulatory requirements. Direct the engineering of security solutions and controls, including but not limited to identity and access management, network security, and data protection technologies. Champion the adoption of secure software development practices and work closely with IT and development teams to integrate security into the development lifecycle. Lead security assessments and reviews, ensuring architectural solutions mitigate identified risks and comply with regulatory requirements. Innovate and implement cutting-edge security technologies and methodologies, including secure software development practices, to defend against current and emerging threats. Manage the life cycle of existing application software systems (and monitor the need for new capabilities) to provide cost effective functional, flexible, and scalable solutions.

Risk Management: Maintain appropriate risk posture through owning the first line of security technology risk, proactively identifying risks, and implementing the necessary mitigations where warranted. Partner effectively with 2nd line of defense, Auditor, and regulators to ensure Risk is identified and mitigated appropriately. Monitor and analyze emerging external and internal information security threats. Develop proactive measures to mitigate those threats and vulnerabilities. Spearhead the development and operationalization of security engineering projects, ensuring the seamless integration of security measures into our technology infrastructure. Collaborate with internal compliance and risk teams to conduct regular audits, identify vulnerabilities, and execute strategic remediations. Collaborate with compliance and risk management teams to ensure that information security technologies meet or exceed regulatory and industry standards.

Budget and Resource Management: Lead security technology staff (to include development, counseling, conducting performance appraisals, setting performance expectations etc.) and evaluate processes on a regular basis. Implement new or improved processes or procedures that improve quality of work produced by the unit or eliminate/reduce operating expenses. Manage the budget for technology initiatives within the Information Security Technology department. Optimize resource allocation, both human and technological.

Vendor and Stakeholder Management: Consult with clients, staff, and colleagues to identify and design security solutions that best protect the business needs of the enterprise. Broker and direct the design, engineering, and implementation of security solutions in support of corporate objectives, to include determining whether to use internal or external labor, build or buy, leverage Cloud as appropriate, and using a variety of tools, etc. Collaborate with third-party vendors to implement and maintain information security systems. Establish and maintain strong relationships with internal and external stakeholders, including law enforcement agencies and regulatory bodies.

QUALIFICATIONS

Required Qualifications:

The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Equivalent combination of advanced education and related experience, which could include any combination of: Bachelor’s or Master’s degree in Computer Science, Information Technology, or a related field, Ten years’ experience managing security architects, engineers and systems analysts, Ten years’ relevant business experience (i.e. making technical-related decisions on the business side), Five years’ managing a large staff, (including managing managers), and Five years’ experience with budget responsibilities.

Proven experience in a senior technology leadership role, preferably in a financial institution with a focus on information security risk management.

Extensive knowledge of processes and technology solutions to prevent, detect, and respond to information security events.

Strong understanding of banking operations, risk management, and regulatory compliance.

Ability to translate enterprise level strategic planning information into software and data management needs, create business plans, and turn them into effective business solutions.

Executive level communications skills, including strong negotiation/facilitation/presentation skills and experience negotiating with vendors for relevant products and services.

Extensive project management experience to include multi-million-dollar projects completed on time, within budget and delivering quality results.

Strong analytical and architectural skills.

Ability to manage a high volume of internal client relationships.

Knowledge of all phases of software engineering life cycle and experience with process improvement models.

Familiarity with financial industry regulations and standards (e.g., GDPR, CCPA, PCI-DSS, SOX) and the ability to navigate the regulatory landscape effectively.

Preferred Qualifications:

Previous experience as a Federal or State regulator overseeing IT Risk Management at large complex financial institutions.

Previous experience working on Industry and regulatory consortiums addressing IT Risk.

Understanding and past experience in Anti-Money Laundering and/or Financial Fraud detection and prevention.

Experience in implementing multiple software engineering delivery methodologies.

General Description of Available Benefits for Eligible Employees of Truist Financial Corporation: All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits, though eligibility for specific benefits may be determined by the division of Truist offering the position. Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates. Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays. For more details on Truist’s generous benefit plans, please visit our Benefits site (https://benefits.truist.com/). Depending on the position and division, this job may also be eligible for Truist’s defined benefit pension plan, restricted stock units, and/or a deferred compensation plan. As you advance through the hiring process, you will also learn more about the specific benefits available for any non-temporary position for which you apply, based on full-time or part-time status, position, and division of work.

Truist supports a diverse workforce and is an Equal Opportunity Employer that does not discriminate against individuals on the basis of race, gender, color, religion, citizenship or national origin, age, sexual orientation, gender identity, disability, veteran status or other classification protected by law. Truist is a Drug Free Workplace.

EEO is the Law (https://www.eeoc.gov/sites/default/files/2022-10/EEOCKnowYourRightsscreenreader1020.pdf)

Pay Transparency Nondiscrimination Provision (https://www.dol.gov/sites/dolgov/files/OFCCP/pdf/pay-transp%20EnglishformattedESQA508c.pdf)

E-Verify (https://e-verify.uscis.gov/web/media/resourcesContents/E-VerifyParticipationPosterES.pdf)
