Fifth Third Bank Lead Application Security Architect in CINCINNATI, Ohio
Fifth Third Bank is one of the top-performing banks in the country, with a heritage that spans more than 150 years. As The curious bank, we've staked our claim on looking at things differently, at being better listeners and at showing more commitment. We employ about 19,000 people, and what we offer is:
This applies to our relationships with customers and employees alike.
A chance for employees to build their future, with supportive career development and financial welln ess programs.
An environment where we win together. We celebrate achievement and work collaboratively. We're also a two-time Gallup Great Workplace honoree.
An invitation to impact lives in a positive and lasting way. Everything we do is geared toward improving lives. That's fun and exciting.
It comes down to the fact that Fifth Third is a warm and caring place to with which to grow # as a customer or as a team member.
Information Technology's vision is to be recognized as an industry-leading services company by efficiently delivering solutions and services our customers can rely on. We strive to create a business-focused team that drives significant value for the Company while building customer-centric service delivery models through the integration of technologies, data, and processes. Our customers' trust is earned through the effective delivery of resilient, secure products and services while balancing business needs with industry and regulatory requirements.
* Fifth Third Information Technology is comprised of several areas including:*
Commercial IT, Consumer IT, Payments IT, Infrastructure IT, Enterprise and Corporate Applications as well as IT Security and Risk.
The Lead Application Security Architect will be responsible for providing assistance with the maturing of Fifth Third Bank's web and mobile application security program. This is a hands-on role and requires an application security professional who has a solid background in application development and current coding experience, combined with an understanding of Information Security and Secure Coding / Secure Software Development principles. Responsible and accountable for risk by openly exchanging ideas and opinions, elevating concerns, and personally following policies and procedures as defined. Accountable for always doing the right thing for customers and colleagues, and ensures that actions and behaviors drive a positive customer experience. While operating within the Bank's risk appetite, achieves results by consistently identifying, assessing, managing, monitoring, and reporting risks of all types.
ESSENTIAL DUTIES & RESPONSIBILITIES:
. Assists with the driving and iteration of an Application Security program through a very close working relationship
with development teams.
. Providing strong leadership and cross-functional / stakeholder communications
. Maintaining and iterating documentation related to the Application Security program including
the development of secure coding policies, procedures and standards, modification of the
Software Development Life Cycle (SDLC) to include necessary security checkpoints, code review
. Assists with the development and leading of training programs used to train developers on secure code
. Ensuring that application security requirements are identified early-on and are built into code
. Planning, coordinating, and leading teams with the design, integration, development, validation
and implementation of specific security policies, systems and services.
. Evaluating new security trends and technologies.
. Making recommendations to strengthen the information security environment.
. Leading assessment and acquisition of application security tools and technologies.
. Participating as a subject matter expert in the incident response program.
. Attending design and application architectural reviews and actively lead discussions from a
. Evaluating application development and implementation activities for possible vulnerabilities, etc.
. Other duties as assigned.
Fifth Third Bank is proud to have an engaged and inclusive culture and to promote and ensure equal employment opportunity in all employment decisions regardless of race, color, gender, national origin, religion, age, disability, sexual orientation, gender identity, military status, veteran status or any other legally protected status.
KNOWLEDGE & SKILLS REQUIRED:
Bachelor's degree in related discipline with 7 or more years of experience.
Five or more years of interdisciplinary experience in 4 or more of the following: Access Control Systems, Application Security, Application SDLC, Operating Systems, Cryptographic Controls, Physical Security, Networking, or Policy andStandarddevelopment.* Ability to manage multiple, diverse tasks simultaneously and effectively prioritize work; strong organizational skills in a results-oriented environment.
Excellent communications skills as well as the ability to build effective relationships with business leaders and stakeholders.
Strong collaboration, communication, problem solving, conceptual and analytical skills.
Able to work at high level of autonomy in a dynamic environment.
CISSP or equivalent certification is preferred