Job Description

Make banking a Fifth Third better

We connect great people to great opportunities. Are you ready to take the next step? Discover a career in banking at Fifth Third Bank.

GENERAL FUNCTION:

The Lead Information Security Engineer (ISE) will be responsible for engaging with the Business through the CIO teams to ensure Information Security Engineering defines, delivers and supports the enterprise security tools and architectures developed by their teams. The ISE will participate in Information Technology governance activities to review and consult on new and modified products, services, processes, applications and systems. The ISE will work across Information Security teams to consult on existing and future products and services, ensure IS Engineering teams understand Business requirements, assist with implementation or troubleshooting efforts where needed, and facilitate communication between product and service stakeholders. The ISE will also participate in a diverse variety of IS projects and support the ongoing operations of the Information Security department where needed. In addition, the ISE will leverage their years of experience to foster ideas with other Engineers and enhance the knowledge within the Engagement & Architecture team. The ISE will be focused on working with the Business to identify current and future use of Information Security products and services, identify gaps in services leveraged by the Business, identify gaps in Information Security products, services, processes, applications and systems, communicate those gaps to the responsible Information Security Engineering teams and facilitate corrective action where needed, help design services to match Business requirements where needed, and facilitate communications between IT, the Business and Information Security teams. The ISE will support other ISE's in similar endeavors, stepping in to assist them when necessary, influence better approaches and behaviors where appropriate, and mentor other members of the team where appropriate. The ISE will continually improve their skills through the pursuit of education and strive to become a specialist in an area of need within the team, such as encryption, identity, networking / infrastructure, or middleware, among other potential areas.

Responsible and accountable for risk by openly exchanging ideas and opinions, elevating concerns, mentoring others, identifying areas of improvement for the team, and personally following policies and procedures as defined. Accountable for always doing the right thing for customers and colleagues, and ensures that actions and behaviors drive a positive customer experience. While operating within the Bank's risk appetite, achieves results by consistently identifying, assessing, managing, monitoring, and reporting risks of all types.

ESSENTIAL DUTIES AND RESPONSIBILITIES:

* Represent the Information Security team with the lines of Business by working with the Information Technology CIO teams to understand security needs for products, services, processes, applications and systems
* Facilitate the identification and defining of security requirements for technology products, services, processes, applications and systems
* Participate in governance activities as required to evaluate the security controls and protections for new or modified technology business products, services, processes, applications and systems
* Engage with other Information Security teams to help design and enhance the security controls for Information Technology or Information Security products, services, processes, applications and systems
* Engage with other Information Security teams to help facilitate dissemination of Information Security products, services, processes, applications and systems into the technology environment
* Serve as a security engineer/consultant on projects where needed
* Participate in conducting security research on business and / or Information Security products and services
* Support the Bank's information security activities where required, including consultation for the development and maintenance of standards, procedures, and guidelines necessary to satisfy the Information Security department's responsibilities
* Assist in conducting risk assessments to evaluate the effectiveness of existing controls and determine the impact of proposed changes to business products, services, processes, applications and systems
* Provide technical support to regulatory agencies, external auditors, and internal auditors, as required, to respond to audits and examinations of the Bank's control environment.
* Support the dissemination of knowledge to non-security teams who act as security champions, especially in agile environments
* Seeking and maintaining knowledge (cross/up skill) of current and upcoming IT security technologies
* Mentor more junior members of the team
* Awareness of latest and common security concerns
* Knowledge of virtualization technologies

MINIMUM KNOWLEDGE, SKILLS AND ABILITIES REQUIRED:

* Bachelor's degree in Computer Science/Information Systems or equivalent combination of education and experience; Master's degree a plus
* Industry Standard Certifications such as, but not limited to: CompTIA Security +, ISC2 CISSP, CISM, CISA, and EWS are preferred
* Must be able to communicate ideas both verbally and in writing to management, business and IT sponsors, and technical resources in language that is appropriate for each group
* At least 10 years of related experience, including at least 5 years in a hands-on information security consulting or architecture related role
* Experience across multiple Information Technology domains, such as networking / infrastructure, operating system management, identity management, data management, and related security controls, demonstrating increasing areas of responsibility
* Solid conceptual understanding of information security principles
* Working knowledge of application and data security concepts, best practices, and common vulnerabilities.
* Previous experience working with offshore teams desired.
* Financial industry experience is a plus.
* Excellent ability to diagnose and troubleshoot security related issues.

Principal Information Security Engineer - Engagement and Architecture

LOCATION -- Cincinnati, Ohio 45263

Fifth Third Bank, National Association is proud to have an engaged and inclusive culture and to promote and ensure equal employment opportunity in all employment decisions regardless of race, color, gender, national origin, religion, age, disability, sexual orientation, gender identity, military status, veteran status or any other legally protected status.