Head of Business Information Security Officer

27 Apr 2024

The position is described below. If you want to apply, click the Apply Now button at the top or bottom of this page. After you click Apply Now and complete your application, you'll be invited to create a profile, which will let you see your application status and any communications. If you already have a profile with us, you can log in to check status.

Need Help? (https://www.brainshark.com/bbandt/careers-site-faq)

If you have a disability and need assistance with the application, you can request a reasonable accommodation. Send an email to Accessibility (careers@truist.com?subject=Accommodation%20request) (accommodation requests only; other inquiries won't receive a response).

Regular or Temporary: Regular

Language Fluency: English (Required)

Work Shift: 1st shift (United States of America)

Please review the following job description:

The Head Business Information Security Officer will lead the Business Information Security Officer (BISO) organization and a team of BISOs that work closely with the line of business, their COOs and their supporting technology teams from the Chief Information Officers (CIOs)/Chief Technology Officers (CTOs). In this role, you will oversee a group/team to develop a deep understanding of the business in order to have specialized information security risk-based discussions. This relationship will ensure a focus on the right risk priorities. You will also provide guidance on information security topics, policies and controls.

As Head BISO you will navigate the complex landscape of cybersecurity, directing daily operations and shaping the strategic direction of cybersecurity efforts within Truist Enterprise. This role affords significant autonomy to influence policy, develop long-range goals, and ensure the seamless integration of cybersecurity measures into our IT infrastructure. You will be instrumental in leading our response to cybersecurity challenges, managing risks, and fostering a culture of innovation and excellence across the department.

ESSENTIAL DUTIES AND RESPONSIBILITIES

Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.

Primary Roles & Responsibilities

Strategic Planning: Develop policies, plans, and strategies in alignment with legal and regulatory standards to support cybersecurity initiatives.

Cybersecurity Principles: Utilize an in-depth understanding of cybersecurity principles to design and implement robust security measures.

Policy and Strategy Implementation: Implement objectives and policies as established by the SAA and CIO executive leadership; contribute to the formulation and execution of short- and long-term cybersecurity goals. Oversee policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies. Ability to exercise judgment when policies are not well-defined.

Contribute to ongoing information security initiatives and improvements, and to the development, implementation and maintenance of information security for the line of business (LOB).

Possess a strong, experienced application development and/or application security background, with solid knowledge of the SDLC from design, testing and deployment to post-production, and of the different risk elements associated with each step.

Serves as an Information Security subject matter expert and liaison with GIS teams and participates in the development, implementation, and maintenance of information security programs for both the line of business (LOB) and the enterprise.

Provides guidance and advocacy regarding the prioritization of LOB investments that impact information security.

Advises LOB management on risk issues related to information security and recommends actions in support of the bank's wider risk management and compliance programs.

Monitors information security trends internal and external to the bank and keeps LOB leadership informed about information security-related issues.

Manages information security control alignment reporting to LOB Leadership.

Collaborates with risk partners on info security critical priorities.

Participates in senior LOB specific Risk Management & Business Continuity Routines.

Ability to build strong partner relationships with peer technology groups and supported LOB.

Supports the triage process with the client and helps them understand the GIS support structure.

Drives required risk culture and partnership with peer technology teams and supported LOB.

Participates in key CIO operating routines to drive information security risk strategy.

Has a deep understanding of security across application, bank managed and externally hosted cloud computing platforms.

Has a solid grasp of security in big data and other instructed large data structures.

Identifies and measures global information security (GIS) controls on most critical business processes or channels.

QUALIFICATIONS

Required Qualifications:

The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Master’s degree in Computer Science, Information Technology or related field.

15 years of experience in technology and 12+ years in information security.

Strong LOB knowledge/experience for the type of business they are aligned to.

10 years of risk management experience or direct participation in risk management processes, including application risk classification and application control assessments.

Experience giving presentations and superb communication skills.

Preferred Qualifications:

Strong analytical, critical thinking, problem solving and communication skills.

Experience with cyber competitions and practical cybersecurity exercises is a plus.

Deep understanding of the impact of cybersecurity on organizational processes.

General Description of Available Benefits for Eligible Employees of Truist Financial Corporation: All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits, though eligibility for specific benefits may be determined by the division of Truist offering the position. Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates. Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays. For more details on Truist’s generous benefit plans, please visit our Benefits site (https://benefits.truist.com/). Depending on the position and division, this job may also be eligible for Truist’s defined benefit pension plan, restricted stock units, and/or a deferred compensation plan. As you advance through the hiring process, you will also learn more about the specific benefits available for any non-temporary position for which you apply, based on full-time or part-time status, position, and division of work.

Truist supports a diverse workforce and is an Equal Opportunity Employer that does not discriminate against individuals on the basis of race, gender, color, religion, citizenship or national origin, age, sexual orientation, gender identity, disability, veteran status or other classification protected by law. Truist is a Drug Free Workplace.

EEO is the Law (https://www.eeoc.gov/sites/default/files/2022-10/EEOCKnowYourRightsscreenreader1020.pdf)

Pay Transparency Nondiscrimination Provision (https://www.dol.gov/sites/dolgov/files/OFCCP/pdf/pay-transp%20EnglishformattedESQA508c.pdf)

E-Verify (https://e-verify.uscis.gov/web/media/resourcesContents/E-VerifyParticipationPosterES.pdf)

Full-time
  • ID: #51568973
  • State: Georgia Atlanta 30301 Atlanta USA
  • City: Atlanta
  • Salary: USD TBD TBD
  • Showed: 2024-04-27
  • Deadline: 2024-06-26
  • Category: Et cetera