Trustmark’s mission is to improve wellbeing – for everyone. It is a mission grounded in a belief in equality and born from our caring culture. It is a culture we can only realize by building trust. Trust established by ensuring associates feel respected, valued and heard. At Trustmark, you’ll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture of diversity and inclusion where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. At Trustmark, we have a commitment to welcoming people, no matter their background, identity or experience, to a workplace where they feel safe being their whole, authentic selves. A workplace made up of diverse, empowered individuals that allows ideas to thrive and enables us to bring the best to our colleagues, clients and communities.

This individual will be a member of Information Security Team reporting to the Executive Director of Cybersecurity. This individual will also have a dotted line reporting responsibility to the Chief Information Security Officer.

The Enterprise Security Architect focuses on all efforts within IT and the business that require Information Security controls. This individual works with all areas of the business, IT, GCO, vendor management to provide Information Security guidance and required controls. This individual must stay abreast of the laws, and regulations and be a partner with the General Counsel Office and Privacy office to ensure all the related Information Security requirements support and provide the necessary controls these areas require. This individual must assist in the review and guidance for Information Security products and how they are implemented to ensure appropriate levels of visibility and protections. The candidate is required to stay abreast of the Information Security domains, latest threats and countermeasures. This individual must understand risk management and how to socialize and explain and provide appropriate risk descriptions that senior leadership can understand and make necessary decisions regarding. This individual will work with all the Information Security teams providing insight guidance and most of all being a mentor to these teams.

**Responsibilities include but not limited to the following:**

• Developing, documenting, and maintaining the Information Security target reference architecture, reference architecture, and patterns that the solution architects, administrators, and developers can follow.

• Provide Information Security assessments including required controls for all efforts, projects, and implementations for the organization.

• Assist in the evaluation of controls and how well people, process and technology are providing the required level of controls and protections.

• Collaborate and assist with all of the other areas of IT that they understand the necessary controls that they must adhere to.

• Provide guidance and direction in the gold images, infrastructure as a service, automation and minimum required capabilities, enforcing a principle of required services, and access only.

• Recommend Information Security control tests that will provide validation that the appropriate controls are in place.

• Assist in quantifiable risk analysis, including identifying and recommending appropriate levels of risk mitigation.

• Assist in the evaluation of Information Security products to be utilized by the organization and ensuring the owning teams are involved in the selection process.

• Understand the laws and regulations the organization must be compliant with, and the associated controls required to comply with them, including these as requirements in the assessments and any architectural guidance provided.

• 8+ years of experience with Information Security Architecture

• 3 years’ experience with Azure platform

• CISSP, CISM, CISA, CRISC, SANS or equivalent certifications

• Experience in Security and Risk Management, Endpoint Security, Security Architecture and Engineering, Communication and Network Security, Identity and Access Management, Security Assessment and Testing, Security Operations, and Software Development Security.

• Experience with common industry enterprise class products used for Provisioning, Authentication and Authorization used for internal and external utilizations including federation capabilities and implementations.

• Experience with product and cloud management, Infrastructure as a service and automation components.

• Experience with networking, cryptography, DNS, routing, PKI, certificate management, IDS, IPS, scanning and firewalls.

• API implementations, virtual and containerization security

• Secure coding practices, secure software development life cycle, continuous deployment, and continuous integration, secure code testing and code repository security and WAF experience

• Experience with NIST 800-53, CSF, HIPAA, PII, PHI, NY-DFS, PCI

• Bachelor’s Degree or equivalent experience

**Core Competencies:**

• Self-Starter – self-motivated, can work independently as well as with a team

Ability to communicate and negotiate with Sr Leadership

• Strong technical background

• Excellent communication both written and verbal.

• Critical thinking and problem-solving ability

• Ability to negotiate and strong decision-making abilities

Brand: Trustmark

Come join a team at Trustmark that will not only utilize your current skills but will enhance them as well. Trustmark benefits include health/dental/vision, life insurance, FSA and HSA, 401(k) plan, Employee Assistant Program, Back-up Care for Children, Adults and Elders and many health and wellness initiatives. We also offer a Wellness program that enables employees to participate in health initiatives to reduce their insurance premiums.

**For the fourth consecutive year we were selected as a Top Workplace by the Chicago Tribune.** The award is based exclusively on Trustmark associate responses to an anonymous survey. The survey measured 15 key drivers of engaged cultures that are critical to the success of an organization.

All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, sexual identity, age, veteran or disability.