Director, Cyber Strategy & Architecture

At Valley Bank, we believe in people’s growth potential. We invest in it, protect it, and focus it. For nearly 100 years, we’ve been the bank that clients from every industry turn to for expertise, strategies, and advice, building the trust that fuels every goal. We are the leading relationship bank built for growth with over $60 billion in assets, 3,800 experts, and more than 200 consumer branches and commercial banking offices across the U.S. We are driven by ambition that goes deeper than a job;

we help you turn your passions and strengths into assets that propel your ambitions and build a professional legacy.

The Director, Cyber Strategy & Architecture is responsible for providing enterprise‑wide cyber security architecture leadership and serving as the bank’s authoritative technical subject‑matter expert across multiple cyber domains. This role combines deep technical expertise in enterprise, application, and network security architecture with the strategic insight required to shape long‑term cyber direction and enable secure business innovation.

The position is accountable for bridging current‑state cyber capabilities with future‑state needs by identifying emerging risks, defining acceptable risk levels for new technologies, guiding executive decision‑making, and supporting a sustainable cyber operating model.

• Set and evolve the bank’s enterprise cyber security vision, strategy, and architecture roadmap, providing direction across applications, infrastructure, cloud, network, and data domains.
• Serve as a trusted strategic advisor to executive leadership and the board, translating complex cyber risk into clear business, regulatory, and risk‑based decisions.
• Establish enterprise security architecture standards, principles, and reference designs, enabling secure integration, data exchange, and scalable reuse across initiatives and partners.
• Act as the authority on emerging technology and cyber risk, defining acceptable risk thresholds, guiding innovation and proofs of concept, and conducting architectural reviews for new products, platforms, and integrations.
• Provide senior leadership during cyber incidents and technology crises, serving as an escalation point while shaping resilient, sustainable operating models.
• Represent the bank as a cyber thought leader, engaging fintechs, startups, and partners, participating in industry forums, and mentoring senior technical talent to strengthen long‑term capability.

• Expert knowledge in defining security architecture requirements, threat modeling, and risk management.
• Expert knowledge of enterprise, application, and network security architecture mechanisms, components, and integration with technology components and operations.
• Strong knowledge of application security, web and application design, databases, operating systems, hypervisors, IP networks, microservices, container technology, system integration technologies, and securing cloud‑based applications.
• Expert knowledge of cloud computing technologies including Microsoft Azure and Amazon AWS.
• AI/LLM threat modeling (prompt injection, data poisoning, model theft).
• Securing ML pipelines (training → inference → deployment).
• Understanding OWASP Top 10 for LLMs.
• Adversarial ML risks (evasion, poisoning, model inversion).
• Strong understanding of banking regulations and third‑party risk.
• Excellent verbal and written communication skills.
• Strong interpersonal skills to facilitate building positive working relationships at all levels within the bank.
• Ability to define long‑term cyber strategy, influence executive decision‑making, and communicate complex technical issues clearly.
• Ability to handle multiple priorities simultaneously.
• Ability to delegate assignments and handle “crisis‑type” situations.

• Bachelor’s degree in Cybersecurity, Computer Science, or related field and a minimum of 10 years of information technology and information security experience.

• Master’s degree in Cybersecurity, Computer Science, or a related field.
• CISSP, CISM, GSEC, CRISC, or other relevant professional certifications.