Cybersecurity Architect - First Interstate Bank
Billings, MT
About the Job
**If you are a current FIB employee, please apply through the Career Worklet in the Employee Portal. This position can be located in Billings, MT or Sioux Falls, SD. What’s Important to You We know your career is just one aspect of a meaningful, complex, and demanding life. That’s why we designed our compensation and benefits package to provide employees and their families with as much choice as possible. Generous Paid Time Off (PTO) in addition to paid federal holidays. Student debt employer repayment program. 401(k) retirement plan with a 6% match. The health and happiness of the places we call home matter to us. Learn a little more about what we do for the communities we serve, and why we want YOU to be a part of it. We encourage you to apply. Reach for what you want and tell us why your work ethic and willingness to learn make you a natural fit for #TeamFirstInterstate. SUMMARY Plays an integral role in defining and assessing the organization's security strategy, architecture and practices at First Interstate Bank. Required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services. ESSENTIAL DUTIES & RESPONSIBILITIES include the following: other duties may be assigned. Develops security strategy plans and roadmaps based on sound enterprise architecture practices for all environments including cloud and on-premise infrastructure. Develops and maintains security architecture artifacts (e.g., models, templates, standards and procedures) leveraging the Enterprise Architecture tool that can be used to understand and integrate security capabilities in projects and operations. Develops standards and assist in developing practices for data encryption and tokenization in the organization, based on the organization's data classification criteria. Drafts architecture security standards to be reviewed and approved by executive management and/or formally authorized by the Chief Information Security Officer (CISO). Documents and addresses organization's information security, cybersecurity architecture, and systems configuration and security engineering requirements throughout the acquisition life cycle. Performs security reviews, identifies gaps in security architecture, and develops a security risk management plan. Validates IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable. Coordinates with the Enterprise Architecture team to develop and maintain a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers. Collaborates with the IT teams to define baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation, identity and access management (IAM), and cloud deployments. Coordinates with the privacy officer or office to document data flows of sensitive information in the organization (e.g., PII or ePHI) and recommend controls to ensure that this data is adequately secured (e.g., encryption and tokenization). Liaises with the vendor management (VM) team to conduct security assessments of existing and prospective vendors, especially those with which the organization shares intellectual property (IP), as well as regulated or other protected data for third party providers. Evaluates the statements of work (SOWs) and master services agreements (MSAs) for these providers to ensure that adequate security protections are in place. Assesses the providers' audit reports for security-related deficiencies and required "user controls" and report any findings to the CISO and vendor management teams. Liaises with the internal audit (IA) team to review and evaluate the design and operational effectiveness of security-related controls. QUALIFICATIONS Knowledge and experience with financial regulations such as Payment Card Industry Data Security Standard (PCI-DSS), Sarbanes-Oxley (SOX) Privacy Practices Gramm-Leach-Bliley Act (GLBA) NIST Cybersecurity Framework (CSF) Center for Internet Security (CIS) Critical Security Control Other cyber security frameworks, architecture, and technology Experience in using architecture frameworks such as The Open Group’s TOGAF Direct, hands-on experience or strong working knowledge of managing security infrastructure — e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology, and vulnerability management tools Full-stack knowledge of IT infrastructure: Applications Databases Operating systems — Windows, Unix and Linux Hypervisors IP networks — WAN and LAN Storage networks — Fibre Channel, iSCSI and NAS Backup networks and media Containers/Kubernetes Public cloud services Securing public cloud services EDUCATION & EXPERIENCE Bachelor's or Master's degree in computer science, information systems, cybersecurity or a related field. Is required. 1-3 years’ Experience as a Cybersecurity Architect or Engineer designing or building multiple components of an IT or cybersecurity infrastructure. Certified Information Systems Security Professional preferred or Certified Information Systems Auditor preferred or Certified Information Security Manager preferred or Global Information Assurance Certification preferred PHYSICAL DEMANDS AND WORKING ENVIRONMENT The physical demands and work environment are representative of those that must be met or encountered to successfully perform the essential functions of the job. In compliance with the Americans with Disabilities Act, the company provides reasonable accommodation to qualified individuals with disabilities and encourages both prospective and current employees to discuss potential accommodations with the employer. Dexterity of hands/fingers to operate computer keyboard and mouse – Frequently Sitting – Frequently Standing – Occasionally Noise Level – Moderate Regular and Predictable Attendance – Required Typical Work Hours - M-F (8-5) Lifting- Occasionally up to 50lbs **If you are a current FIB employee, please apply through the Career Worklet in the Employee Portal. First Interstate Bank is an equal opportunity employer committed to a diverse workforce and a barrier-free employment process. Employment is based solely on an individual's merit and qualifications directly related to the position. We do not discriminate on the basis of race, color, religion, national origin, ancestry, pregnancy status, sex, age, marital status, disability, medical condition, or any other characteristics protected by law. We make all reasonable accommodations to meet the obligations set forth under the Americans with Disabilities Act (ADA) and state disability laws. In order to ensure reasonable accommodations for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Era Veterans' Readjustment Assistance Act of 1974, and Title I of the Americans with Disabilities Act of 1990, as amended, individuals that require accommodation in the job application process for a posted position may contact us (406)255-5485, Monday through Friday, 8 am to 5 pm MST or email us at careers@fib.com. All applicants must pass pre-employment screenings including a background check. First Interstate BancSystem participates in E-Verify which will require new employees to verify their identity and employment eligibility through the internet-based system operated by the Social Security Administration (SSA) and the Department of Homeland Security (DHS). E-Verify Notice English or Spanish Right to Work Notice English or Spanish
Source : First Interstate Bank