Truist Financial - Atlanta, GA
posted 5 months ago
The Client Identity and Access Management Cybersecurity Compliance Lead Consultant at Truist is responsible for managing the corporate cybersecurity legal, regulatory, and industry compliance specifically within the Client Identity and Access Management (CIAM) domain. This role involves leading and developing client authentication and identity proofing strategies that bridge Cybersecurity, Digital Lines of Business (LOBs), Technology, and Fraud to effectively close compliance gaps.
The consultant will manage CIAM risk and compliance functions, which include establishing and serving as the de facto interpreter of CIAM standards designed to safeguard the firm's systems and data. Additionally, the consultant will act as the CIAM subject matter expert for stakeholder groups, performing assessments to identify, manage, and mitigate CIAM risks, guiding remediation of compliance gaps, maintaining a library of cyber risks and controls, and evaluating and tracking the cyber program's maturity. The consultant will also serve as a security advisor to various business segments and functions.
In this role, the consultant will be expected to be a subject matter expert on FFIEC AAFISS and NIST, translating these authoritative sources into the CIAM Standard, CIAM Program processes, and foundational Operating Model that spans across the enterprise. The consultant will analyze formal requirements documents, design documents, and other delivery artifacts to ensure alignment with the CIAM Standard and compliance adherence. Furthermore, the consultant will develop the CIAM authentication strategy applicable across all client channels, including Digital, Contact Center, and Branch. The consultant will manage the monitoring and reporting on information/cyber security compliance and related risk and controls programs to various audiences, including regulators and examiners.
They will provide consulting expertise on CIAM to all business channels, delivery teams, and engineering/architecture. The consultant will independently drive expertise on available client authentication capabilities/products and emerging CIAM risks. They may also facilitate a team of professional-level individual contributors, setting the team's direction, communicating priorities, and managing deliverables against expected results. Additionally, the consultant will contribute to the development of cyber governance strategies and support internal and external audits.