Make banking a Fifth Third better®
We connect great people to great opportunities. Are you ready to take the next step? Discover a career in banking at Fifth Third Bank.

GENERAL FUNCTION

The Principal Governance Analyst – Application Security is responsible for leading governance, policy, and control oversight for cloud, container, orchestration, and AI/ML security across the Bank. This advanced professional role provides authoritative guidance on security controls, documentation quality, regulatory alignment, and structured governance processes. The role partners closely with engineering, architecture, risk, compliance, and audit stakeholders to ensure defensible, consistent, and scalable governance practices for modern technology platforms.

SUPERVISORY RESPONSIBILITIES:

None

ESSENTIAL DUTIES AND RESPONSIBILITIES:

• Lead the governance framework for cloud, container, orchestration, and AI security by ensuring that risks, controls, and processes are aligned with regulatory expectations, audit requirements, and internal control frameworks. Produce clear, complete, and defensible documentation that provides a repeatable record of risks, controls, and processes and ensures the Bank maintains audit‑ready materials that withstand regulatory scrutiny.
• Drive the development, simplification, and consolidation of policies and standards across cloud, containerization, virtualization, orchestration, and AI/ML platforms. Ensure these requirements are clear, enforceable, and aligned to real engineering workflows so they can be implemented consistently and effectively.
• Act as the authoritative reviewer for third‑party governance responses, assessing non‑conforming items, identifying meaningful risk, and partnering with SMEs and control owners to determine appropriate actions.
• Execute structured governance review cycles with engineering leaders for security tooling, guardrails, and platform standards; manage socialization, feedback, and alignment processes.
• Represent Information Security in Bank‑wide and cross‑functional working groups, providing a strong point of view on secure‑by‑design principles and surfacing platform‑level risks early.
• Improve governance workflows for scale and consistency by supporting and refining ad hoc review and approval processes. Ensure workflows support growth, resiliency, and engineer-friendly execution.
• Other duties as required.

MINIMUM KNOWLEDGE, SKILLS, AND ABILITIES REQUIRED:

Required:

• Strong understanding of cloud security (e.g., AWS), container security, and container orchestration (Kubernetes preferred).
• Working knowledge of AI/ML security risks, model lifecycle considerations, and emerging regulatory expectations.
• Experience translating technical designs, risks, and controls into documentation suitable for auditors, regulators, and senior leadership.
• Experience writing or maintaining policies, standards, or control documentation in a regulated environment.
• Ability to challenge respectfully, influence decision makers, and take a clear position when ambiguity exists.
• Demonstrated ability to partner effectively with senior engineers and architects without needing to be the deepest SME.
• Strong understanding of audit processes and what mature controls and evidence look like.
• Ability to run structured working sessions, facilitate decisions, and drive closure.
• Excellent communication skills, with the ability to simplify complex technical topics for diverse audiences.

Preferred:

• Experience in a financial services or similarly regulated environment.
• Familiarity with NIST CSF, PCI DSS, CSA CCM, NIST 800‑53, FFIEC, OCC, or other regulatory frameworks.
• Hands‑on experience with cloud or container platforms in a past engineering, architecture, or security role.
• Experience with security tooling across cloud, containers, or software development (e.g., CSPM, container scanning, DAST).
• Prior experience as a security lead, governance analyst, or control owner in a large enterprise.

Principal Governance Analyst - Application Security

Total Base Pay Range 96,500.00 - 207,500.00 USD Annual

At Fifth Third, we understand the importance of recognizing our employees for the role they play in improving the lives of our customers, communities and each other. Our Total Rewards include comprehensive benefits and differentiated compensation offerings to give each employee the opportunity to be their best every day.

The base salary for this position is reflective of the range of salary levels for all roles within this pay grade across the U.S. Individual salaries within this range will vary based on factors such as role, relevant skillset, relevant experience, education and geographic location. In addition to the base salary, this role is eligible to participate in an incentive compensation plan, with any such payment based upon company, line of business and/or individual performance.

Our extensive benefits programs are designed to support the individual needs of our employees and their families, encompassing physical, financial, emotional and social well-being. You can learn more about those programs on our 53.com Careers page at: https://www.53.com/content/fifth-third/en/careers/benefits.html or by consulting with your talent acquisition partner. 

LOCATION -- Virtual, Ohio 00000

Attention search firms and staffing agencies: do not submit unsolicited resumes for this posting.  Fifth Third does not accept resumes from any agency that does not have an active agreement with Fifth Third.  Any unsolicited resumes – no matter how they are submitted – will be considered the property of Fifth Third and Fifth Third will not be responsible for any associated fee.

Fifth Third Bank, National Association is proud to have an engaged and inclusive culture and to promote and ensure equal employment opportunity in all employment decisions regardless of race, color, gender, national origin, religion, age, disability, sexual orientation, gender identity, military status, veteran status or any other legally protected status.