Enterprise Cybersecurity Architect

If you are looking for a job that combines a passion for innovation, an opportunity for growth, and a culture of teamwork, then you've come to the right place. We have an exciting opportunity awaiting someone like you! The Enterprise Cybersecurity Architect is responsible for the design, development and implementation of BOKF's cybersecurity systems architecture. In this role you would be accountable for aligning BOKF's cybersecurity strategy to business strategy through establishment, monitoring, and enforcement of cybersecurity policies and protocols.

The (Enterprise) Cybersecurity Architect is responsible for the design, development and implementation of BOKF's cybersecurity systems architecture. Effectively partner with line of business leaders to gain clear understanding of business needs and technical needs and creates solutions that balance business requirements with information and cybersecurity requirements; Align standards, frameworks and security with overall business and technology strategy Leveraging broad technical knowledge of security principles and technologies, the incumbent closely partners with business and IT stakeholders to gain a thorough understanding of BOKF and vendor software and hardware as a basis for analyzing current system risks, recommending improvements and updates to evolve current system architecture in addition to recommending security architecture for new systems. The Enterprise Cybersecurity Architect is accountable for aligning BOKF's cybersecurity strategy to business strategy through establishment, monitoring, and enforcement of cybersecurity policies and protocols.

All team members have a stake in the game and are encouraged to share their ideas on creating efficiencies and ways to impact our bottom line. Our camaraderie, shared decision making, and mutual respect for one another are what make us, one big happy family.

• You will effectively partner with line of business leaders to gain clear understanding of business needs and technical needs. You will also create solutions that balance business requirements with information and cybersecurity requirements, align standards, frameworks and security with overall business and technology strategy.
• You will determine and develop enterprise wide application security standards, patterns, shared components and design architecture blueprints to ensure secure integration and exchange of data between applications, clients and vendors, develop and maintain security artifacts (models, patterns, templates, etc.) that can be used/reused to leverage security capabilities in new initiatives and operations.
• You will serve as a subject matter expert, strategic partner and trusted advisor to projects and domains across the enterprise, develop/maintain technology/product roadmaps, next generation strategies/deployment models, and financial planning models, partner with key line of business and IT leaders to initiate work and allocate resources necessary for deployment of project roadmaps.
• You will track development and changes in business, technology and threat environments to ensure they are addressed in BOKF's cybersecurity strategy, analyze emerging security threats and vulnerabilities, identifies gaps in existing and proposed architectures, and recommends changes or enhancements.
• You will partner with key technology vendors to ensure security capabilities are properly tested and validated in the BOKF environment, create performance metrics and traceability maps to determine and monitor the effectiveness of architecture solutions, serve as a key advisor on countermeasures that protect BOKF systems when an unauthorized user attempts to gain access.

This level of knowledge is normally acquired through completion of Bachelor's Degree in Cybersecurity, Computer Science, or related technical or business discipline and achieved or working towards CISSP or other industry recognized certification (i.e., CISM, GIAC, or CISA) with 5-7 years of progressively increasing responsibility and achievement in the Information Technology/Cybersecurity area and/or a minimum 7 years of experience developing and implementing cybersecurity strategies compliant with relevant National Institute of Standards and Technology (NIST) standards as well as ISO27001, COBIT and COSO or equivalent combination of education and experience.

• Strong understanding of cyber defense vulnerability assessment technologies and their capabilities
• Strong understanding of application or software security such as: dynamic application security testing, secure code review, and secure static code analysis
• Experience leading security consulting engagements in enterprise environments
• Experience designing security controls based on cybersecurity principles
• Proficient with API/web services, scripting languages, relational database management system (RDBMS), and cloud services (AWS, Azure, etc.)
• Experience with DevOps pipeline tools and systems architectures and software development lifecycle
• Knowledge of common network security and encryption tools and devices
• Knowledge of project management methodologies and application (SCRUM, XP and or SAFe Agile)
• Knowledge of banking systems and business practices
• Ability to apply the methods, standards, and approaches for describing, analyzing, and documenting an organization's enterprise information technology (IT) architecture
• Ability to apply network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
• Ability to serve as the primary liaison between the enterprise architect and the systems security engineer and coordinates with system owners, common control providers, and system security officers on the allocation of security controls as system-specific, hybrid, or common controls.