Truist Financial - Atlanta, GA

posted 5 months ago

Part-time, Full-time - Mid Level
Atlanta, GA
Credit Intermediation and Related Activities

About the position

The Client Identity and Access Management Cybersecurity Compliance Lead Consultant at Truist is responsible for managing the corporate cybersecurity legal, regulatory, and industry compliance specifically within the Client Identity and Access Management (CIAM) domain. This role involves leading and developing client authentication and identity proofing strategies that bridge Cybersecurity, Digital Lines of Business (LOBs), Technology, and Fraud to effectively close compliance gaps. The consultant will manage CIAM risk and compliance functions, which include establishing and serving as the de facto interpreter of CIAM standards designed to safeguard the firm's systems and data. Additionally, the consultant will act as the CIAM subject matter expert for stakeholder groups, performing assessments to identify, manage, and mitigate CIAM risks, guiding remediation of compliance gaps, maintaining a library of cyber risks and controls, and evaluating and tracking the cyber program's maturity. The consultant will also serve as a security advisor to various business segments and functions. In this role, the consultant will be expected to be a subject matter expert on FFIEC AAFISS and NIST, translating these authoritative sources into the CIAM Standard, CIAM Program processes, and foundational Operating Model that spans across the enterprise. The consultant will analyze formal requirements documents, design documents, and other delivery artifacts to ensure alignment with the CIAM Standard and compliance adherence. Furthermore, the consultant will develop the CIAM authentication strategy applicable across all client channels, including Digital, Contact Center, and Branch. The consultant will manage the monitoring and reporting on information/cyber security compliance and related risk and controls programs to various audiences, including regulators and examiners. 
They will provide consulting expertise on CIAM to all business channels, delivery teams, and engineering/architecture. The consultant will independently drive expertise on available client authentication capabilities/products and emerging CIAM risks. They may also facilitate a team of professional-level individual contributors, setting the team's direction, communicating priorities, and managing deliverables against expected results. Additionally, the consultant will contribute to the development of cyber governance strategies and support internal and external audits.

Responsibilities

  • Manage Truist's Corporate cybersecurity legal, regulatory, and industry compliance in the CIAM space.
  • Lead and develop client authentication and identity proofing strategies across Cybersecurity, Digital LOBs, Technology, and Fraud.
  • Establish and interpret CIAM standards to safeguard the firm's systems and data.
  • Perform assessments to identify, manage, and mitigate CIAM risks.
  • Guide remediation of compliance gaps and maintain a library of cyber risks and controls.
  • Evaluate and track the cyber program maturity and serve as a security advisor to business segments and functions.
  • Translate FFIEC AAFISS and NIST standards into CIAM Standard and processes.
  • Analyze formal requirements and design documents for compliance adherence.
  • Develop CIAM authentication strategy for all client channels.
  • Monitor and report on information/cyber security compliance and related risk & controls programs to various audiences.
  • Provide CIAM subject matter expertise to all business channels and delivery teams.
  • Drive expertise on client authentication capabilities/products and emerging CIAM risks.
  • Facilitate a team of professional-level contributors, setting direction and managing deliverables.
  • Contribute to the development of cyber governance strategies and support audits.

Requirements

  • Bachelor's degree in computer science, regulatory affairs, business, organizational or compliance law, or financial services.
  • Ten years of related experience at a large financial institution in legal, compliance, risk management, or project management roles.
  • Ability to lead projects of moderate complexity and notable risk exposure.
  • Strong knowledge of cybersecurity risks, frameworks, best practices, and industry/regulatory requirements.
  • Experience with cyber security governance programs.

Nice-to-haves

  • Master's degree or MBA and 8 years of experience or equivalent combination of education and work experience.
  • Experience interacting with financial services regulatory bodies such as OCC, FRB, FDIC.
  • Cybersecurity certifications such as CISA, CISSP.
  • In-depth knowledge of FFIEC AAFISS and NIST standards.
  • Regulatory Change Management experience.

Benefits

  • Medical, dental, and vision insurance.
  • Life insurance and disability coverage.
  • Accidental death and dismemberment insurance.
  • Tax-preferred savings accounts.
  • 401k plan with company contributions.
  • At least 10 days of vacation (prorated) during the first year of employment.
  • 10 sick days (prorated).
  • Paid holidays.
  • Potential eligibility for defined benefit pension plan, restricted stock units, and/or deferred compensation plan.