Founded in 1908, CIT (NYSE: CIT) is a financial holding company with approximately $50 billion in assets as of Dec. 31, 2017. Its principal bank subsidiary, CIT Bank, N.A., (Member FDIC, Equal Housing Lender) has approximately $30 billion of deposits and more than $40 billion of assets. CIT provides financing, leasing, and advisory services principally to middle-market companies and small businesses across a wide variety of industries. It also offers products and services to consumers through its Internet bank franchise and a network of retail branches in Southern California, operating as OneWest Bank, a division of CIT Bank, N.A. For more information, visit cit.com.
CIT is seeking a VP - Security Platforms Engineering to manage and support Information Security application services.
The VP is expected to be able to independently deploy and maintain security management technologies in all phases of the platform life cycle.
The position’s primary focus will be to manage Information Security applications and tools. This person will work closely with the Information Security team and VP - Security Platforms to provide support, deliver new initiatives, and manage uptime and upgrades.
Self-motivation, teamwork and experience working in a fast paced environment are highly desired. The ideal candidate should have a deep understanding of both information security and computer science. They should understand basic concepts such as networking, applications and operating system functionality. The candidate should be able to quickly assimilate new information while understanding the threat vectors and how to properly assess them. The candidate must demonstrate proven success in working in a team as well as independently and exhibit follow-through to understand root causes of issues. This position calls for an individual who exhibits thoughtful introspection but is also able to assess a broad spectrum of issues. A collaborative approach is a must, as well as the ability to effectively communicate with a wide range of technical and non-technical personnel.
Hands on experience with Application Security controls including design, dynamic scans, static code analysis for control flow and analysis.
Experience with security technologies including Data Loss Prevention (DLP), Database masking, Data access management, Web application firewalls, Vulnerability scanning, Proxy, DDoS protection, Advanced threat and malware detection, SIEM, etc. Knowledge of TCP/IP Protocols, network analysis and network/security applications.
Ability to multi-task without compromising deadlines and assignment expectations
Take direction from project management and work as part of a collaborative team
Basic project management competencies such as following process and protocol for project delivery, ability to identify project risks, project multitasking, and ability to self-manage when appropriate
Ability to execute assessments as defined in project plans, within assigned budgets and due dates
High motivation, integrity, and commitment to self-development
Strong written and verbal communication skills
Broad industry knowledge within Information Security
• 5+ years of experience with security frameworks (e.g., ISO 27002, NIST, etc.)
• 5+ years of experience running security related software;
• 5+ years of technical security experience in applying information security best practices
• Ability to work with other functions to achieve security objectives.
• B.S in Information Technology or Information Security.