Director, Cyber Strategy & Architecture

Responsibilities include but are not limited to:

* Set and evolve the Bank's enterprise cyber security vision, strategy, and architecture roadmap, providing enduring direction across applications, infrastructure, cloud, network, and data domains.

* Serve as a trusted strategic advisor to executive leadership and the Board, translating complex cyber risk into clear business, regulatory, and risk based decisions.

* Establish enterprise security architecture standards, principles, and reference designs, enabling secure integration, data exchange, and scalable reuse across initiatives and partners.

* Act as the authority on emerging technology and cyber risk, defining acceptable risk thresholds, guiding innovation and POCs, and conducting architectural reviews for new products, platforms, and integrations.

* Provide senior leadership during cyber incidents and technology crises, serving as an escalation point while shaping resilient, sustainable operating models.

* Represent the Bank as a cyber thought leader, engaging fintechs, startups, and partners, participating in industry forums, and mentoring senior technical talent to strengthen long term capability.

Required Skills:

* Expert knowledge in defining security architecture requirements, threat modeling and risk management.

* Expert knowledge of enterprise, application, and network security architecture mechanisms, components and integration with technology components and operations.

* Strong knowledge of application security, web and application design, databases, operating systems, hypervisors, IP networks, microservices, container technology, system integration technologies and securing cloud-based applications.

* Expert knowledge of cloud computing technologies including Microsoft Azure and Amazon AWS.

* AI/LLM threat modeling (prompt injection, data poisoning, model theft).

* Securing ML pipelines (training → inference → deployment).

* Understanding OWASP Top 10 for LLMs.

* Adversarial ML risks (evasion, poisoning, model inversion) wrap up.

* Strong understanding of banking regulations and third-party risk.

* Excellent verbal and written communication skills.

* Strong interpersonal skills to facilitate building positive working relationships at all levels within the bank.

* Ability to define long-term cyber strategy, influence executive decision-making, and communicate complex technical issues clearly.

* Ability to handle multiple priorities simultaneously.

* Ability to delegate assignments and deal with "crisis-type" situations.

Required Experience:

* Bachelor's degree in Cybersecurity, Computer Science or related field and a minimum of 10 years' Information Technology and Information Security experience.

Preferred Experience:

* Master's Degree in Cybersecurity, Computer Science, or a related field.

* CISSP, CISM, GSEC, CRISC, or other relevant professional certifications.