First Citizens Bank logo
First Citizens Bank

First Citizens Bank offers a full line of financial services and focuses on individuals, as well as small to medium-sized businesses. As an employer, the compan

Cyber Security Architect

Location

United States

Posted

2 days ago

Salary

$143K - $185K / year

Seniority

Mid Level

Job Description

Cyber Security Architect

First Citizens Bank

Role Description This is a remote role that may be hired in several markets across the United States. Remote with ability to travel to Raleigh, North Carolina, Phoenix, Arizona or Morristown, New Jersey, on an as needed basis. This position is responsible for delivering architecture intent to enterprise stakeholders and the Information Security organization at-large, that ensures the secure realization of business initiatives in a manner consistent with the Bank’s current and future risk appetite. - Security Strategy: Assists in designing and implementing security strategies for assigned subject matter domain (e.g., Identity and Access Management, Compute) and Information Security, at-large based on knowledge of the assigned-domain; bank policies and standards; current, and anticipated, regulatory requirements; and expected threats and associated risks. - Security Architecture: Review existing and proposed architectures, identify security gaps – through threat modeling and/or technical risk assessment, and recommend changes and/or enhancements. Continuously enhance process(es) to drive scale, consistency, repeatability, to this end. - Solutions Architecture: As required, function as a solutions architect for security solutions; provide the initial solutions architecture, assist with foundational integrations, and lead the initial implementation of solutions. - Business Support: Serve as an Information Security subject matter expert, providing advisory and consulting services to stakeholders, as required. Effectively communicate to technical and non-technical audiences alike in both oral and written form. - Continuous Education: Maintains a strong knowledge of developments in information technology, developments in security technology, and emerging security threats. Utilizes knowledge to influence security strategy – e.g., identity technology capabilities needed to address threats; establish secure design patterns for emergent technologies. Qualifications - Bachelor's Degree and 8 years of experience in Information Technology including Information Security OR High School Diploma or GED and 12 years of experience in Information Technology including Information Security. - 4+ years of providing architecture and/or security architecture subject matter expertise in a large-scale enterprise environment. - Demonstrable experience with threat modelling (e.g., PASTA, STRIDE, DREAD) and technical risk assessment in an enterprise environment. - Familiarity with one or more Industry-standard security frameworks – e.g., NIST RMF, NIST CSF, COBIT, ISO, CIS, CSA CCM. - Familiarity with one or more Industry-standard architectural frameworks – e.g., TOGAF, DODAF, Zachman. - Familiarity with one or more cyber-attack taxonomies (e.g., CAPEC, ATT&CK). - Advanced Security Certifications, such as Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) are highly desirable. - Experience with scripting and/or programming. - Effective communicator, capable of effectively translating and presenting complex technical concepts to both technical and non-technical management and customers, through oral presentations and written media (white papers and demonstrations). - Exceptional interpersonal skills and a collaborative spirit that enables you to work effectively with stakeholders at all levels, agnostic of background. - Strategic planning and execution, with a talent for turning complex challenges into actionable solutions. - Strong analytical skills with high attention to detail and accuracy with the ability to use data-driven metrics to communicate change and risk reduction. - Large Financial Institution (LFI) experience. Requirements - This job posting is expected to remain active for 30 days from the initial posting date listed above. If it is necessary to extend this deadline, the posting will remain active as appropriate. Job postings may come down early due to business need or a high volume of applicants. - The base pay for this position is generally between $143,000 and $185,000. Actual starting base pay will be determined based on skills, experience, location, and other non-discriminatory factors permitted by law. For some roles, total compensation may also include variable incentives, bonuses, benefits, and/or other awards as outlined in the offer of employment. Benefits - Benefits are an integral part of total rewards and First Citizens Bank is committed to providing a competitive, thoughtfully designed and quality benefits program to meet the needs of our associates. More information can be found at https://jobs.firstcitizens.com/benefits .

Related Categories

Related Job Pages

More Security Engineer Jobs

Full TimeRemoteTeam 10,001+Since 2013H1B Sponsor

Role Description This is a technical role responsible for executing the design, building, testing, and implementation of security systems across our environment, with a specific emphasis on endpoint security and mobility. You will work closely with other members of the Information Security team to identify potential threats and vulnerabilities and develop strategies and solutions to mitigate these risks, securing the end-user device estate and the mobile platforms through which the enterprise increasingly operates, and contributing to our overall information security strategy. This position can be virtual anywhere in the U.S. You will join the Business Technology Solutions (BTS) Information Security and Risk Management (ISRM) Architecture organization. Our team translates business objectives and cyber risk strategy into concrete security measures — processes, technologies, and services — across a diverse and complex infrastructure landscape, including on-premises, cloud, and X-as-a-Service models. Responsibilities: - Define and evaluate security architecture for the end-user device estate — workstation and laptop hardening, EDR/endpoint protection (e.g., CrowdStrike, Defender), data protection, and configuration baselines. - Advise on mobility security: MDM/UEM (e.g., Microsoft Intune), mobile application management, conditional access, and BYOD posture across iOS and Android. - Perform Security Architecture Reviews — adjudicate submissions, align the risk and controls with the system owner, and ensure review quality. - Deliver Security Architecture Consulting engagements with business partners — own each engagement end to end, with timely turnaround and clear customer communication. - Provide Risk Evidence Review on request, partnering with Risk Management to evaluate control and mitigation effectiveness for risk owners. - Plan, design, build, and implement enterprise security architecture, and create relevant documentation of same. - Evaluate security technologies and controls across the environment — including those employed by third-party providers — developing strategies, determining which controls fit a given situation, and adapting them to business needs, risk, and the threat landscape. - Identify and communicate current and emerging security threats and risks; design security architecture elements and propose new or revised measures to mitigate them as they emerge. - Help develop solutions that balance information security needs with the needs of the business, in collaboration with team members and business and IT stakeholders. - Be fluent with AI concepts and incorporate AI into your daily workflows — using AI to accelerate design reviews, threat modeling, documentation, and analysis — targeting improved efficiency, quality, and speed. - Create reusable security-architecture artifacts — reference architectures, design patterns, security guidelines, and security positions — that scale the team's expertise beyond one-off engagements. - Identify recurring problems and build durable systems, patterns, and standards that solve them at the root — not only technical problems, but process and people problems too — so the same issue does not keep resurfacing. - Support training and mentorship of more junior employees as well as employees outside the Information Security Team, as needed. Qualifications - Bachelor's Degree and 8 years of experience OR Master's Degree and 7 years of experience OR PhD and 3 years of experience. - Demonstrated proficiency with security controls and concepts. - Working knowledge of security frameworks and standards (e.g., NIST, CIS Controls, OWASP, Cloud Security Alliance). - Advanced knowledge of operating systems, networking protocols, systems administration, and security technologies. - Advanced knowledge and application of cybersecurity terminology and concepts, and foundational understanding of the cyber threat landscape and attack vectors. - Understanding of risk management principles and the ability to integrate them into security practices. - Capable of learning new concepts and processes quickly and adapting to a constantly changing environment. - Fluency with AI concepts and demonstrated use of AI tools to improve how you work. - Demonstrated critical thinking, problem solving, and analytical skills. - Strong organizational skills with attention to detail. - Strong written and verbal communication skills with a high level of professionalism. - Ability to work independently and effectively as part of a team. - Willingness to be available, as needed, for major and critical security issues. - Demonstrated skills and experience in the following tools: - Endpoint protection and detection (EDR/EPP), data protection, and configuration-baseline tooling. - Mobile device and endpoint management (MDM/UEM, e.g., Microsoft Intune), mobile application management, and conditional access. - Operating systems, networking protocols, systems administration, and cloud platforms (e.g., AWS, Azure). - Security control frameworks and the cyber threat landscape and attack vectors. - AI tools and AI-assisted workflows to drive speed and quality. - Collaboration and documentation platforms (ServiceNow ITSM, Jira, Confluence, Microsoft 365 / SharePoint). Requirements - Professional cybersecurity certifications (e.g., CISSP, SANS/GIAC, etc.) are highly desirable. Benefits - We offer a comprehensive package of benefits including paid time off (vacation, holidays, sick), medical/dental/vision insurance and 401(k) to eligible employees. - This job is eligible to participate in our long-term incentive programs.

United States
$124.5K - $236.5K / year
ServiceNow logo

Enterprise Account Executive, Cybersecurity

ServiceNow

ServiceNow provides cloud-based services that automate enterprise information technology operations. As an employer, ServiceNow offers a challenging, collaborat

Full TimeRemoteTeam 29,000Since 2004

Role Description You will produce new business sales revenue from a SaaS license model. You will accomplish this through account planning, territory planning, researching prospect customers, using business development strategies and completing field-based sales activities within a defined set of prospects, territory or vertical. What you get to do in this role: - Develop relationships with multiple C-suite personas (e.g., CFO, CIO, COO, CDO) across all product sales - Oversee client relationship mapping to the account team, orchestrating an account strategy across a broad virtual team (Solutions Consultants, Solutions Specialist, Success resources, Partners and Marketing, etc.) - Be a trusted advisor to your customers by understanding their business and advising on how ServiceNow can help their IT roadmap - Identify the right specialist/support resources to bring into a deal, at the right time Qualifications - Experience in leveraging or critically thinking about how to integrate AI into work processes, decision-making, or problem-solving. This may include using AI-powered tools, automating workflows, analyzing AI-driven insights, or exploring AI's potential impact on the function or industry. - 7+ years of sales experience within software OR solutions sales organization - Experience selling cybersecurity - Knowledge of and experience selling into technology companies - Experience establishing trusted relationships with current and prospective clients and other teams - Ability to produce new business, negotiate deals, and maintain healthy C-Level relationships - Experience achieving sales targets - The ability to understand the "bigger picture" and our plans around IT - Experience promoting a customer success focus in a "win as a team" environment Requirements - For positions in this location, we offer a base pay of $114,400 - $188,750, plus equity (when applicable), variable/incentive compensation and benefits. - Sales positions generally offer a competitive On Target Earnings (OTE) incentive compensation structure. - Please note that the base pay shown is a guideline, and individual total compensation will vary based on factors such as qualifications, skill level, competencies, and work location. - We also offer health plans, including flexible spending accounts, a 401(k) Plan with company match, ESPP, matching donations, a flexible time away plan and family leave programs. - Compensation is based on the geographic location in which the role is located and is subject to change based on work location. Benefits - Health plans, including flexible spending accounts - 401(k) Plan with company match - ESPP and matching donations - Flexible time away plan - Family leave programs

United States
$114.4K - $188.8K / year
RevenueCat logo

Head of Security

RevenueCat

The subscription platform for mobile apps

Full TimeRemoteTeam 51-200Since 2017H1B No Sponsor

• Lead and evolve RevenueCat’s security roadmap • Establish priorities across infrastructure, application, and internal security • Partner with engineering leadership on architecture and security decisions • Build trust internally as the security leader engineers want to work with • Drive meaningful improvements to overall security posture • Improve detection, prevention, and response capabilities • Educate and increase security awareness within the company • Define how the security organization should scale over time

California
$305K / year

Information Security Engineer – Security Automation and Response

UChicago Medicine

We’ve been at the forefront of medicine since 1899. We provide superior healthcare with compassion, always mindful that each patient is a person, an individual. To accomplish this, we need employees with passion, talent and commitment… with patients and with each other. We’re in this together: working to advance medical innovation, serve the health needs of the community, and move our collective knowledge forward. If you’d like to add enriching human life to your profile, UChicago Medicine is for you. Here at the forefront, we’re doing work that really matters. Join us. Bring your passion.

Role Description Join one of the nation’s most comprehensive academic medical centers, UChicago Medicine as an Information Security Engineer – Security Automation and Response for the Information Security department. This is a remote, work from home opportunity, and you may be based outside of the greater Chicagoland area. Under general direction of the Information Security Operations Manager, you will be responsible for: - Implementing, deploying, and optimizing Automation using SOAR playbook development, Logging, AI driven workflows. - Streamlining incident response and improving SOC operational efficiency. - Participating in threat investigation and incident response. Essential Job Functions include: - Developing, implementing, and maintaining SOAR playbooks to automate repetitive security tasks, such as alert triage, threat investigation, and incident response, using tools like SOAR, Python, and API integrations. - Knowledge of threat detection development, automation of SOAR development, and Incident Response. - Supporting initiatives with the Information Security Operations Manager to advance Security Operations capabilities using AI. - Investigating malware, intrusions, unauthorized access, and data infiltration and exfiltration events. - Analyzing logs, memory, disk images, and network captures to determine attack scope and impact. - Staying informed on cyber threats and standard processes to enhance Security Operations Center capabilities. - Excellent knowledge of security information and event management (SIEM) platforms including query language (Yara-L, CQL, SPL, etc.). - Participating in Purple Team activity. - Participating in on-call rotation and responding to critical security events. Qualifications - BS or BA degree, Computer Science, Engineering, or equivalent education, training or work experience. - 5 years of Security experience, or equivalent training and education. - Knowledge of computing systems, data network communications, and network architecture. - Effective written and verbal communication skills. - Experience in SOAR playbook development. - Scripting or programming skills (Python, PowerShell, Go, etc.) required. - Experience in Incident Response and Threat investigation. - Experience in Threat detection. - Understanding of logging systems. - Security related certifications are preferred (GIAC, CISSP). Requirements - Full Time (1.0 FTE). - Day Shift. - Remote Location. - Non-Union CBA Code. Benefits UChicago Medicine is committed to transparency in compensation and benefits. The pay range provided reflects the anticipated wage or salary reasonably expected to be offered for the position. - The pay range is based on a full-time equivalent (1.0 FTE) and is reflective of current market data, reviewed on an annual basis. - Compensation offered at the time of hire will vary based on candidate qualifications and experience and organizational considerations, such as internal equity. - Pay ranges for employees subject to Collective Bargaining Agreements are negotiated by the medical center and their respective union.

United States
$98.3K - $114.7K / year