Information Security Officer (Lead Project Manager)

The position is described below. If you want to apply, click the Apply Now button at the top or bottom of this page. After you click Apply Now and complete your application, you'll be invited to create a profile, which will let you see your application status and any communications. If you already have a profile with us, you can log in to check status.

Need Help?

If you have a disability and need assistance with the application, you can request a reasonable accommodation. Send an email to Accessibility (accommodation requests only; other inquiries won't receive a response).

Regular or Temporary:
Regular

Language Fluency: English (Required)

Work Shift:
1st shift (United States of America)

Please review the following job description:

The Information Security Officer will be part a team who is tasked with remediating risks that are identified by red team, pentest team along with Cyber Threat Management. This valuable team also responds to mediating what is determined as imminent threats managing escalated responses that have been identified as threats to Truist internal/ external.

Ideal talent has cyber and technical expertise serving as a lead project manager to develop interim mitigating actions and track those to closure.

You will develop a foundational understanding of the businesses you support helping drive timely discussions and decisions in partnership with those teams.
You will provide oversight for the design, development and installation of the corporate-wide cybersecurity technology controls while ensuring that business practices meet cybersecurity standards and policies.
You will as the Information Security Officer drive effective communication and awareness of risk posture for the businesses you support to identify, assess and manage cybersecurity risk.

ESSENTIAL DUTIES AND RESPONSIBILITIES
Following is a summary of the essential functions you will project manage in this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.

• Risk Management: Identify, assess, and manage information security risks specific to the business unit. Ensure appropriate risk mitigation strategies are implemented to minimize security threats. Conduct risk assessments and ensure compliance with internal policies and regulatory requirements.
• Security Strategy Alignment: Align the business unit's security requirements with the organization's overall cybersecurity strategy. Develop and implement security measures that meet both the business objectives and security needs of the unit.
• Compliance and Regulatory Adherence: Ensure that the business unit complies with relevant laws, regulations, and industry standards (e.g., GDPR, HIPAA, PCI-DSS). Implement policies and processes to meet security and privacy regulations, as well as company-specific guidelines
• Incident Response and Management: Coordinate incident response efforts for security breaches or data loss within the business unit. Work closely with the corporate security team to manage and mitigate incidents.
• Awareness and Training: Promote security awareness within the business unit by educating employees on best practices and current threats.
• Collaboration with technology and Business Leaders: Work with business leaders to understand their objectives and ensure that security solutions support these goals. Collaborate with security teams to ensure that security controls do not hinder business processes or productivity.
• Security Governance: Contribute to the development of security policies, standards, and guidelines, ensuring that they are implemented effectively within the business unit. Regularly report on the security posture of the business unit to senior management and the security team.
• Security Capability Support: Ensure the confidentiality, integrity, and availability of sensitive information within the business unit. Oversee the implementation of data protection measures and practices to safeguard against unauthorized access or data breaches. Assess and manage the security risks associated with third-party vendors or partners that interact with the business unit. Recommend and oversee the implementation of security tools and technologies that address the specific needs of the business unit. Ensure that appropriate security monitoring and response mechanisms are in place.

Required Qualifications
The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Associate's degree in business, cybersecurity, computer science or equivalent and related education, training or experience.
• Two (2) or more years direct experience in financial services, cybersecurity, or information technology (IT)
• Effective communication & presentation skills
• Strategic mindset, goal-oriented, collaborative thinker
• Critical thinking and problem-solving skills with an ability to manage both short-term and long-term priorities
• Ability to manage multiple, concurrent projects, activities, and tasks under time constraints.

General Description of Available Benefits for Eligible Employees of Truist Financial Corporation: All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits, though eligibility for specific benefits may be determined by the division of Truist offering the position. Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates. Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays. For more details on Truist's generous benefit plans, please visit our Benefits site. Depending on the position and division, this job may also be eligible for Truist's defined benefit pension plan, restricted stock units, and/or a deferred compensation plan. As you advance through the hiring process, you will also learn more about the specific benefits available for any non-temporary position for which you apply, based on full-time or part-time status, position, and division of work.

Truist is an Equal Opportunity Employer that does not discriminate on the basis of race, gender, color, religion, citizenship or national origin, age, sexual orientation, gender identity, disability, veteran status, or other classification protected by law. Truist is a Drug Free Workplace.

EEO is the Law Pay Transparency Nondiscrimination Provision E-Verify