Cybersecurity Program Strategist - Assessments and Remediation

Truist

Truist

Marketing & Communications

Atlanta, GA, USA

Posted on Apr 24, 2026
Apply now

Language Fluency: English (Required)


Work Shift:

1st shift (United States of America)

Job Grade:

110

Please review the following job description:

Provides technical expertise and leadership to internal business clients for their Cybersecurity related projects and initiatives by working with Corporate Information Security Management and internal lines of business. Responsible for oversight and communication of the cybersecurity programs, which includes: providing strategic direction and prioritization of new security controls/initiatives to address emerging threats; managing portfolio reporting and delivery of cybersecurity controls/capabilities to address risks in our environment.

*** This position is onsite, office-centric (5 days a week), based in a Truist core location in Atlanta (GA), Wilson or Raleigh (NC)

Essential Functions and Responsibilities

Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.

  • Partner closely with lines of business and internal IT teams to thoughtfully evaluate initiatives, releases, and projects, ensuring technical and cybersecurity requirements are clearly understood and aligned to business objectives.

  • Serve as a trusted advisor by researching and translating business needs into practical, risk‑aware technical solutions through collaboration with internal delivery and application teams, solution providers, and subject matter experts.

  • Clearly communicate and document findings, recommended solutions, impact analysis, and associated risks in a manner tailored for senior leadership and C‑Suite audiences.

  • Lead issue management and remediation efforts within Archer, ensuring issues are accurately documented, ownership is clear, and remediation plans are actionable, measurable, and effectively tracked through resolution.

  • Document cybersecurity findings and remediation strategies with executive‑level clarity, balancing technical accuracy with business context to support informed decision‑making.

  • Oversee and perform qualitative and quantitative analysis to help guide program strategy and inform both near‑term execution and longer‑term planning.

  • Provide informed recommendations on cybersecurity projects and initiatives, incorporating an understanding of the Technology Delivery Lifecycle/Software Delivery Lifecycle (TDLC/SDLC) frameworks and how security controls are integrated throughout the lifecycle.

  • Demonstrate working knowledge of foundational cybersecurity controls and practices, such as SAST, DAST, penetration testing, identity and access management (IAM), and related risk‑reduction techniques.

  • Consult with business leaders to help design, refine, and mature processes and procedures that strengthen security, resilience, and regulatory alignment.

  • Maintain awareness of enterprise technology, infrastructure, standards, and strategic direction, leveraging this understanding to guide partners toward secure, scalable solutions that support overall business goals.

What Success Looks Like in the First 6–12 Months

  • Actively engages with lines of business and security teams to understand initiatives in-flight and directly support projects with clear, actionable cybersecurity guidance.

  • Takes ownership of issue management within Archer, including drafting findings, coordinating with control owners, defining remediation actions, and following up to drive timely issue closure.

  • Personally develops and maintains clear, well‑structured findings and remediation documentation that can be used both operationally and in executive‑level readouts with minimal rework.

  • Participates hands‑on in reviews of business application requests and releases., applying an understanding of TDLC/SDLC processes to identify gaps, risks, and improvement opportunities early in the lifecycle.

  • Actively reviews and evaluates cybersecurity controls and assessment outputs such as SAST, DAST, penetration testing, and IAM findings, helping teams interpret results and prioritize remediation efforts.

  • Performs detailed analysis to support cybersecurity initiatives, turning assessment results, metrics, and trend data into practical recommendations that improve execution and risk reduction.

  • Works directly with business and technology partners to clarify expectations, refine processes, and close gaps in procedures, rather than relying solely on escalation paths.

  • Builds credibility through consistent follow‑through, responsiveness, and the ability to balance risk management expectations with real‑world delivery constraints.

Qualifications

Required Qualifications:

The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

  • Bachelor's degree in business administration, technology related field or equivalent education and related training

  • Five years of demonstrated progressive experience in Cybersecurity experience

  • Foundational knowledge of cybersecurity terms, concepts, disciplines and frameworks

Preferred Qualifications:

  • Knowledge of financial services industry and all applicable regulations and industry standards

  • Cyber security certifications such a Security +, CISA, CEH are a plus

  • Basic familiarity with GitLab SaaS and CI/CD pipelines, including an understanding of how security controls and testing activities integrate into the software delivery lifecycle.

  • Advanced familiarity with Archer (preferred), ServiceNow (preferred), IBM OpenPages or other Governance Risk and Compliance (GRC) platform

Other Job Requirements / Working Conditions

Sitting

Constantly (More than 50% of the time)

Visual / Audio / Speaking

Able to access and interpret client information received from the computer and able to hear and speak with individuals in person and on the phone.

Manual Dexterity / Keyboarding

Able to work standard office equipment, including PC keyboard and mouse, copy/fax machines, and printers.

Availability

Able to work all hours scheduled, including overtime as directed by manager/supervisor and required by business need.

Travel

Minimal and up to 10%

General Description of Available Benefits for Eligible Employees of Truist Financial Corporation: All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits, though eligibility for specific benefits may be determined by the division of Truist offering the position. Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates. Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays. For more details on Truist’s generous benefit plans, please visit our Benefits site. Depending on the position and division, this job may also be eligible for Truist’s defined benefit pension plan, restricted stock units, and/or a deferred compensation plan. As you advance through the hiring process, you will also learn more about the specific benefits available for any non-temporary position for which you apply, based on full-time or part-time status, position, and division of work.

Apply now
See more open positions at Truist