Summer Associate, Security Governance & Risk – Standards Management
Navy Federal Credit Union
Cyber Security
Enterprise Solutions Architect
UNCF
full-time
Posted on:
Origin: • 🇺🇸 United States • District of Columbia, Washington
Visit company websiteSalary
💰 $96,000 - $120,000 per year
Job Level
Mid-LevelSenior
Tech Stack
Cyber Security
About the role
- The Enterprise Solutions Architect (ESA) at UNCF will report to the Director of Security/Cybersecurity. The Director is responsible for supervising all technical and information security endeavors within the Enterprise Technology function. In this role, the incumbent will have the opportunity for collaboration across the enterprise portfolio with key partners and exposure to key senior stakeholders. The department's primary objectives include embracing 'As-a-Service' models/technologies, developing shared services offerings, and exploring innovative solutions with emerging technologies. This is an intermediate ESA role that will play a vital role in upholding cybersecurity standards for our programs and business critical assets. The scope for this role covers a broad spectrum of cybersecurity domains, including security and risk management, asset security, security engineering, identity and access management, security assessment, security operations, and software development security. Assess and mitigate cybersecurity risks by identifying vulnerabilities, evaluating threats, and implementing appropriate security controls. Interpret noncompliance patterns to assess their impact on risk levels. Ensure compliance with relevant laws, regulations, policies, and ethical standards pertaining to cybersecurity and privacy. Track security/audit findings and recommendations, overseeing the implementation of appropriate mitigation actions. Perform incident response and handling methodologies, including the supervision of protective or corrective measures when cybersecurity incidents or vulnerabilities are discovered. Participate in security assessments of vendors as apart of due diligence to determine risk and alignment with organizations minimum security standards established contracts for service. Support the information security training and awareness program, ensuring that campaigns and content align with organizational threats, industry best practices, and compliance requirements. Contribute to the pipeline of written information security policy reviews and status tracking. Define and oversee the implementation of security policy configurations and procedures to safeguard critical infrastructure. Provide system-related input on cybersecurity requirements to be integrated into statements of work and procurement documents. Forecast ongoing service demands and review security assumptions needed to offer share-services. Other duties as assigned.
Requirements
- Bachelor’s degree from a four-year college or university in information technology, Cybersecurity, or a related field. A minimum of 5 years of experience as a senior analyst or lead of security/networks/systems operations, required, with direct involvement in operations management, policy development, system procurement activities, leadership, mentorship, and information assurance management. Certifications such as COMPTIA Security +, Network +, Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Systems Manager (CISA) are highly desirable. In-depth knowledge of computer networking concepts, protocols, risk management processes, cybersecurity and privacy principles, cyber threats, and vulnerabilities. Strong understanding of security architecture, risk assessment, and security controls. Proficiency in incident response, penetration testing, and security assessment methodologies. Familiarity with PCI DSS, HIPAA, COPPA, GLBA, and state/local privacy regulations. Excellent communication and leadership skills, with the ability to communicate the value of IT security to all levels of the organization. Experience of successfully contributing to enterprise portfolios and delivering technical initiatives on time. Familiarity of cybersecurity principles, frameworks, and industry standards such as CIS, NIST Cybersecurity Frameworks. Excellent project management skills, including the ability to prioritize tasks, manage resources, and adapt to changing priorities. Exceptional communication and interpersonal skills, with the ability to influence and engage stakeholders at all levels of the organization. Strong analytical and problem-solving abilities, with the capacity to make data-driven decisions and drive process improvements.
