CIT is a leading national bank focused on empowering businesses and personal savers with the financial agility to navigate their goals. CIT Group Inc. (NYSE: CIT) is a financial holding company with over a century of experience and operates a principal bank subsidiary, CIT Bank, N.A. (Member FDIC, Equal Housing Lender). The company's commercial banking segment includes commercial financing, community association banking, middle market banking, equipment and vendor financing, factoring, railcar financing, treasury and payments services, and capital markets and asset management. CIT's consumer banking segment includes a national direct bank and regional branch network. Discover more at cit.com/about.
CIT is seeking a VP - Security Platforms Engineering to manage and support Information Security application services.
The VP is expected to be able to independently deploy and maintain security management technologies in all phases of the platform life cycle.
The position’s primary focus will be to manage Information Security applications and tools. This person will work closely with the Information Security team and VP - Security Platforms to provide support, deliver new initiatives, and manage uptime and upgrades.
Oversee all aspects of the configuration, development and operation of IT Security applications, including integration into the overall application landscape. Provide outstanding customer service to the IT Security organization.
Develop and maintain a roadmap of the application’s upgrades and developments Manage a portfolio of application-related projects, and directly manage selected projects within that portfolio. Coordinate with team leads to ensure applications are sound and adhere to architectural guidelines In association with business personnel, map as-is and to-be business processes and develop plans to transition from the as-is to the to-be state
Self-motivation, teamwork and experience working in a fast paced environment are highly desired. The ideal candidate should have a deep understanding of both information security and computer science. They should understand basic concepts such as networking, applications and operating system functionality. The candidate should be able to quickly assimilate new information while understanding the threat vectors and how to properly assess them. The candidate must demonstrate proven success in working in a team as well as independently and exhibit follow-through to understand root causes of issues. This position calls for an individual who exhibits thoughtful introspection but is also able to assess a broad spectrum of issues. A collaborative approach is a must, as well as the ability to effectively communicate with a wide range of technical and non-technical personnel.
Hands on experience with Application Security controls including design, dynamic scans, static code analysis for control flow and analysis.
Experience with security technologies including Data Loss Prevention (DLP), Database masking, Data access management, Web application firewalls, Vulnerability scanning, Proxy, DDoS protection, Advanced threat and malware detection, SIEM, etc. Knowledge of TCP/IP Protocols, network analysis and network/security applications.
Ability to multi-task without compromising deadlines and assignment expectations
Take direction from project management and work as part of a collaborative team
Basic project management competencies such as following process and protocol for project delivery, ability to identify project risks, project multitasking, and ability to self-manage when appropriate
Ability to execute assessments as defined in project plans, within assigned budgets and due dates
High motivation, integrity, and commitment to self-development
Strong written and verbal communication skills
Cloud Knowledge (Azure, AWS, Office365)
Broad industry knowledge within Information Security • 5+ years of experience with security frameworks (e.g., ISO 27002, NIST, etc.)
• 5+ years of experience running security related software;
• 5+ years of technical security experience in applying information security best practices
• Ability to work with other functions to achieve security objectives.
• B.S in Technology or Related area.