Information Security Business Integration Lead in Raleigh, NC at Volt

Date Posted: 5/15/2018

Job Snapshot

  • Employee Type:
  • Location:
    Raleigh, NC
  • Job Type:
    Computer Industry
  • Duration:
    48 weeks
  • Date Posted:
  • Job ID:
  • Contact Name
    Volt Branch
  • Phone

Job Description

Our client,  a leading corporate reseller of software, hardware, and related services is currently hiring for a Information Security Business Integration Lead  This position can be based in Raleigh, Greensboro, or Winston-Salem NC.

Corporate Information Security (CIS) strives to achieve an effective balance by partnering with LOBs to align incentives and devise strategies that achieve shared objectives and mutually desirable outcomes.  CIS is seeking a seasoned information security professional, who can clearly communicate information security strategies and initiatives to business leaders within a specified LOB or across a high impact business support function.  The Information Security Business Integration Lead will: 

  • Represent CIS across all aspects of an assigned LOB or business support function.
  • Partner with key stakeholders from within the LOB (including LOB Senior Management), CIS, and other groups throughout client IT Services to offer transparency on matters pertaining to Information Security.
  • Provide leadership and direction to ensure program elements including risk assessments, application development, project management, and ongoing operations reflect CIS requirements.
  • Act as a thought leader and trusted partner enabling the LOB to more aggressively leverage its capabilities to drive business value and strengthen its role in upholding BB&T's competitive advantage.

Essential Duties and Responsibilities:

Following is a summary of the essential functions for this job.  Other duties may be performed, both major and minor, which are not mentioned below.  Specific activities may change from time to time.

  1. Establish relationships with LOB leadership and other key stakeholders to promote a sense of shared ownership of information security objectives and to achieve an effective blend of business and security strategies. 
  2. Engage in regular communications with LOB management to offer transparency on matters pertaining to information security and how they relate to, or potentially impact, LOB processes.  Attend and participate in meetings to facilitate integration efforts. 
  3. Provide regular updates to CIS management on LOB strategies, critical projects and related risks, potential policy exceptions, and other items, as applicable.
  4. Surface and execute upon opportunities to improve LOB security.
  5. Ensure information security requirements are properly represented throughout LOB processes including risk assessments, new product evaluations, application development, testing, and ongoing operations.
  6. Engage, as necessary, in LOB sponsored projects and advise on information security related matters. 
  7. Act as a liaison between LOB and subject matter experts from within CIS. 
  8. Govern and seek compliance to CIS policies and standards within assigned LOB.
  9. Maintain awareness of applicable regulations and/or industry guidance and align related processes and requirements accordingly.
  10. Interface with all levels of LOB associates, including those in the Information Security Compliance Management (ISCM) network, to promote security awareness and training.
  11. Participate in internal and external audit and regulatory exams for information security questions directed toward assigned LOB.

Required Skills and Competencies:

The requirements listed below are representative of the knowledge, skill and/or ability required.  Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

  1. Bachelor’s degree in information technology, business, or related discipline, or equivalent experience
  2. Minimum of ten years of demonstrated experience in an Information Security or IT Risk Management function, preferably at a financial institution.
  3. Ability to relate business requirements and risks to technical controls, systems and processes.
  4. Highly adaptable to a constantly changing business and technology environment
  5. Familiarity with multi-platform environments and their operational/security risk considerations
  6. Strategic thinker with ‘big picture’ perspective and a broad understanding of information security, risk management, and their direct applications to business process
  7. Excellent leadership skills with the ability to leverage cross-functional teams to meet defined objectives
  8. Excellent negotiation skills with proven ability to identify, influence, and persuade key decision makers at multiple levels of the organization
  9. Strong oral and written communications skills; strong presentation and marketing skills
  10. Experience with internal audit processes and/or external regulatory examinations.
  11. Technical skills will include one or more of the following: in-depth understanding of network security issues, firewalls, intrusion detection, authentication, hacker tools and methodology, vulnerability management, or incident response.
  12. Ability to travel as-needed.
  13. 50%/50% business/technology acumen

Desired Skills:

  1. Master’s Degree in Business Administration or related field
  2. Experience with Information Security frameworks or standards such as ISO27001 or COBIT
  3. Experience with IT Solution Architecture concepts and frameworks.
  4. Experience with Security Requirements identification and documentation.
  5. Understanding of Business Process Improvement methodologies
  6. Familiarity with audit processes as they relate to SOX, PCI-DSS, and GLBA information protection requirements
  7. One of the following certifications:  CISSP, CISM, GSEC, CISA, PMP