Cloud Security Architect

Thu, Jul 21, 2016 by Jesse Landry

Department/Area Function:

Technology Risk Management (TRM) is responsible for information security policies, processes and practices for the enterprise including the IT Risk Management program, security policy management, threat and vulnerability management, security awareness and education, application security, key control testing, vendor security assessments, security monitoring and event correlation, security risk assessment, security incident response, and security architecture.

Position Title: Cloud Security Architect

Position Summary:

Responsible for providing highly advanced technical and analytical skills to the Technology Risk Management (Information Security) Office. Under the supervision of the Director, Enterprise Information Security Architecture, will assist in the collection of requirements and contribute Subject Matter Expertise (SME) advice in the areas of Cloud security design, policies, and control standards. Proactively engages staff throughout to communicate cloud security standards, guidelines and strategies. Works with project teams to ensure technical quality of cloud security focused deliverables and adherence to security standards, governance and controls practices. Considered a security and technical expert in cloud security technology, designs, systems implementation and integration, with deep, specialized knowledge of cloud strategy, including all affiliates systems and applications. Conducts technical research when necessary to contribute to setting cloud security direction and strategy. Assists others on own team, or other teams where applicable, on cloud security projects or security-relevant tasks on technical projects.

Principal Responsibilities:

Provides Cloud Security SME advice and guidance related to all activities including Information as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) initiatives, projects, plans, and reviews.

Contributes subject matter expertise advice in the areas of Cloud security at both the enterprise and project level with a focus towards cloud security

Works with teams to evolve cloud based products to adherence Information Security Policies and Control Standards

Assists project teams during system design with the drafting of logical architectural and design models with a focus on cloud security

Assists project teams during system design to promote the efficient deployment of IT assets to cloud environments in a secure and policy compliant manner.

Advises project teams during system development to ensure compliance with security policies, guidelines, standards, controls, and governance

Shares cloud security vision with key stakeholders by organizing discussions and formal presentations

Participates in working groups of subject matter experts for definition and review of security standards, guidelines, principles, governance and controls

Actively contributes SME advice to TRM members of the Cloud Hosting Evaluation Council

Actively contributes SME advice to TRM members of the Architecture Steering Committee and appropriate architecture roundtable meetings

Works closely with Chief Information Security Architect to ensure a shared vision across for cloud architecture and security

Provides technical guidance to cross-functional application development teams

Contributes to the technology strategy, vision, requirements, and solutions for enterprise cloud initiatives

Designs, develops, and implements new cloud security technologies as necessary to support business and technology solutions

Consults with application development teams to determine cloud security requirements and for planning and delivering cloud based business solutions
Assists in the development of estimates for cloud security for cloud hosted projects

Contributes to defining time tables and project plans

Assists in the definition of milestones and progress tracking