DescriptionThe Cybersecurity Architect - Principal reports to the Cybersecurity Architect Senior Manager and frequently interacts with the Chief Information Security Officer, as well as audit and compliance. The Cybersecurity Architect - Principal is responsible for designing security solutions that protect business and customer data, but also allow the business to execute and innovate.

The Cybersecurity Architect - Principal works closely with many diverse and dynamic teams, including, but not limited to, security engineering, IT infrastructure, application development, security operations, security audit and end users. This position is also responsible for architecting solutions to secure business-to-business initiatives, third-party relationships, outsourced solutions and vendors.

The Cybersecurity Architect - Principal provides expert guidance for addressing current security issues but has the foresight to see where the industry is headed and proactively deliver optimal secure solutions. The architect is expected to think like an adversary and identify how solutions should evolve as the threat landscape changes.

The position is 40% security architecture, 50% technical leadership, and 10% research and development. The individual partners with product managers and solution architects to set the security direction of offerings and articulates the value proposition.  Also, the position provides guidance to Line of Business CIOs and is the final approver of information security controls on projects.

Guides businesses to leverage common information security patterns
Partners with subject matter experts to improve information security patterns and services

Duties and Responsibilities:

Deliver cybersecurity architecture work associated with projects delivery and roadmapsProvide technical leadership to the cybersecurity organizationPerform research and development associated with enabling future cybersecurity capabilities

Basic Qualifications:

4+ years cybersecurity architecture8+ years of information security experience10+ years of experience delivering technology solutions in large-scale complex organizationsAssociate's Degree

 
Preferred Qualifications:

Extensive knowledge of traditional security controls and technologies, such as:

Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), public key infrastructure (PKI), identity and access management (IDAM) systems, antivirus and firewalls.Newer offerings such as endpoint detection and response (EDR),  threat intelligence platforms, security automation and orchestration, deception technologies and application controlsExperience with a broad range of mobile and wed application design, development, and management principles, practices, and procedures Experience influencing management on technical and business solutionsExperience in cloud computing technologies, including software-, infrastructure and platform-as-a-service, as well as public, private and hybrid environmentsExcellent verbal, written, and interpersonal communication skillsKnowledge and understanding of data protection technologies and practicesKnowledge and understanding of threat analysis and assessment of potential and current information security risk/threatsStrong understanding of application or software security such as: dynamic application security testing, secure code review, and secure static code analysisKnowledge and understanding of cryptography and key managementKnowledge and understanding of service-oriented architecture and associated security controlsKnowledge and understanding of enterprise authentication and authorization technologies such as LDAP, SAML, XACML, and reverse authenticating proxies.General understanding of diverse platforms and operating systems, including current and emerging technologiesCertified Information Systems Security Professional (CISSP) 5+ years of experience in architecture, governance, risk management, PCI DSS control governance, application security, encryption, key management, and identity and access managementExperience architecting applications for financial services business

#Hybrid

#LI-SG1

#LI-BM1

Exempt Status: (Yes = not eligible for overtime pay) (No = eligible for overtime pay)

Yes

Workplace Type:

Office

Our Approach to Office Workplace Type

Certain positions outside our branch network may be eligible for a flexible work arrangement. We’re combining the best of both worlds:  in-office and work from home. Our approach enables our teams to deepen connections, maintain a strong community, and do their best work. Remote roles will also have the opportunity to come together in our offices for moments that matter. Specific work arrangements will be provided by the hiring team.

Huntington is an Equal Opportunity Employer.

Tobacco-Free Hiring Practice: Visit Huntington's Career Web Site for more details.

Note to Agency Recruiters:  Huntington Bank will not pay a fee for any placement resulting from the receipt of an unsolicited resume.  All unsolicited resumes sent to any Huntington Bank colleagues, directly or indirectly, will be considered Huntington Bank property. Recruiting agencies must have a valid, written and fully executed Master Service Agreement and Statement of Work for consideration.