The Cryptographic Operations and Data Protection Engineering Manager also maintains current knowledge of modernized computing paradigms, automation/orchestration frameworks, APIs, virtualization platforms, security threats, and recommends security enhancements and purchases that allow Citizens Bank to deliver the most secure and robust digital applications deployed within the organization and within the cloud.
This exciting position is both strategic and tactical in nature and requires a candidate with a strong technical background and the ability to build relationships and consult at the highest levels of the organization. This individual must be able to communicate effectively with all levels of the organization on cybersecurity-related matters and coordinate remediation activities and issue resolution.
- Gaining a comprehensive understanding of the company’s overall digital technology and information systems and capabilities.
- Participation in Agile meetings and timely delivery of project-related artifacts.
- Management responsibility for a team of cryptographic and data protection security experts.
- Responsible for the definition of a proactive enterprise cryptography and data protection strategy.
- Ownership of the end-to-end delivery of cryptographic/data protection strategy and platforms.
- Leading activities to continue quantum-proofing of cryptographic platforms and protocols to ensure resistance to potential quantum computing threats.
- Driving the business process definition across the enterprise cryptographic and data protection arena.
- Negotiating and liaising with different business and technology teams within the organization.
- Acting as the cryptographic and data protection subject matter expert with regard to strengths and weaknesses of the security capabilities systems and being able to recommend improvements to both software and hardware.
- Performs in-depth research on cryptographic industry risks and trends as well as performs benchmarking analysis to provide enhanced insights on cryptographic maturity when compared to industry peers and competitors.
- 10 or more years of relevant work experience in a large, matrix driven organization
- Management experience in one or more of the following:
  - Operations / On-Prem. Certificate Authority (Microsoft) CA/PKI Infrastructure
  - Certificate Mgmt. System / Card Management System (Venafi, Intercede, Entrust, CSS, etc.)
  - HSM management (SafeNet, Thales, etc.)
  - Registration Authorities (RAs), CRLs, HSMs, OCSP to deploy complex PKI systems with other technologies
  - PKI, 802.1X/EAP-TLS authentication protocols
  - Kerberos, OAuth, OpenID Connect, Web Services, Wireless Networks, AD, LDAP, MFA technologies
  - Modern Data Loss Prevention (DLP) and Data Access Governance methodologies and platforms
  - Operations/Management of a PKI environment that is in alignment with government regulations around medium level of assurance for Identity
- Demonstrated conflict management, decision making and negotiation skills
- Proven ability to independently identify and resolve critical and complex issues through effective problem-solving skills
- Superb communication skills (both written and verbal) with ability to communicate technical strategy to non-technical audiences
- Highly familiar with modern network, compute, storage, database, virtualization, cloud, and security technologies
- Experience working across the aisle in a cross-functional team.
- Familiarity with security industry standards (ISO 17799, ISO 27001/2, ISO 31000, NIST 800 series, etc.)
- Experience with internal controls, risk assessments, business process and internal IT control testing or operational auditing
- Demonstrated ability to think strategically about business, risk, and technical challenges impacting IT security.
- Experience with building and maintaining effective relationships with stakeholders, clients, peers, supervisors, subordinates, and other internal company staff
- End to end understanding of the secure software development lifecycle (SSDLC) and DevOps/DevSecOps process integration.
- Candidate should have an understanding of APIs, methods of automated deployment, and API security management in a corporate setting.
- Bachelor's degree (Degree in Computer Science or Computer Engineering preferred) or equivalent experience.
- CISSP or other relevant industry certifications.