Cloud Security Associate Architect

at  Thomson Reuters

CLOUD SECURITY ASSOCIATE ARCHITECT

Lead individual delivery role for complex security functions reducing risk, improving defensive capabilities, and mitigating cyber threats to both Thomson Reuters and its customers.
Directs implementation of high-quality and innovative cyber defense security solutions across the enterprise by applying analytic, engineering, or other relevant technical expertise. Employs critical subject matter knowledge to identify, develop, and deploy solutions to key operational cyber defense challenges across a range of functions.
Looking forward to advancing your career and Upgrade Yourself? We are growing and we are hiring, come join us!

ABOUT THE ROLE:

In this opportunity as Cloud Security Associate Architect, you will:

• Individual Contributor Role, a subject matter expert with Proficiency in enterprise information security architecture with a good understanding of Cloud Infrastructure
• Well versed with industry Specific, Regulatory, Regional Compliances and Standards
• Be able to Translate Key Use Cases and Business Requirements into Secure Architecture with cyber security controls
• Well Versed with one or more of cloud platforms (AWS, Azure, Google or Oracle) and related architecture concepts and secure design principles Conversant with the new age SaaS Based, AI / ML Driven technologies, platforms and solutions across enterprises and relevant security constraints, solutions and requirements
• Helps improve cyber security risk posture in compliance with NIST Zero Trust, Least Privilege, Defence In Depth, Layered Security Principles from perimeter to end point / cloud edge network security
• Risk Assess, and Drive architecture, design and implementation of cyber security platforms and solutions with architectural excellence, thought leadership with authority

You’re a fit for the role of Cloud Security Associate Architect, if your background includes:

• Cyber Security Controls Definition & Solutions Architecture Design based on industry specific and regulatory standards & compliances such as ISO27001, NIST 800-53, PCI-DSS, HIPAA and Data Privacy Standards viz GDPR, CCPA etc
• Pre-acquisition / Pre-Onboarding - 3rd Party Integration Risk Assessment & Due Diligence of vendor technologies
• Security architecture reviews, across Data Center IT Infrastructure / Hybrid or Multi-cloud platforms
• Design & ensure delivery of high-quality cyber security processes and tools across cloud infrastructure covering but not limited to:
• Secure business Process & Applications Integration;
• 3rd Party Vendor Integration Risk Assessment;
• Network Security – Segmentation & Zoning across environments, regions, VPCs and security groups;
• Secure Access / Network Connect;
• Remote Access VPN & Private Links / DirectConnect etc;
• Perimeter Protection - Layer 4-7 Security – WAF/LB/ADDoS and Web/Email/API Gateway;
• Secure End Points and Secure Workspace;
• Secure Hosts and Compute Workloads; Containers / Microservices Security;
• Identity Access Governance; Secure Access for Employees, Vendors & Customers;
• Data Privacy / Protection – Encryption / Anonymization / Tokenization etc;
• Logging, Auditing and Monitoring; Security Incident Response Management;
• Security Operations / Incident Response Management Processes and Technologies Orchestration
• Vulnerability and Threat Management thereby reducing attack surface improving cyber risk posture of enterprise following Secure Change Configuration management Processe