Azure AppSec Operations Architect
What We'll Bring
At TransUnion, we have a welcoming and energetic environment that encourages collaboration and innovation. This gives our people the opportunity to hone current skills while building and discovering new capabilities.
Come be a part of our team and work with great people and cutting-edge technology.
What You'll Bring
Protecting the health and wellness of our associates and candidates considering a career at TransUnion is our highest priority. In supporting this vision, our recruitment and new hire experience for this role is fully virtual for the time being. Candidates interviewing will get to know our team over the phone and video, and this role will operate virtually upon hire until we return to the office. Even though we’re not physically together right now, our goal is to provide you a supportive candidate and new hire experience that will immerse you in our culture and set you up for success at TransUnion.
• 5+ years of practical security experience in one or more of the following areas: application security, application development, security architecture, reverse engineering, or penetration testing
• 3+ years practical experience working with Azure security controls
• Moderate understanding of attacker methodologies and offensive strategies for discovery, exploit, privilege escalation, and exfiltration. As well as awareness of defensive best-practices to counter
• Strong understanding of regulatory and compliance requirements (HIPAA, PCI, GDPR) for security controls
• Experience formulating, tracking and reporting security operations metrics to both technical and non-technical audiences, to include executive leadership
• Ability to function autonomously and, in accordance with our cybersecurity strategy, make decisions and collaborate effectively in a fast moving, highly-matrixed, and sometimes ambiguous environment
• Ability to leverage high level operating guidance to prioritize and execute tasks
• Strong organizational, oral communication and documentation skills
• Experience communicating operational requirements to architects and engineers designing and building security controls
Impact You'll Make
TransUnion is undertaking a global technology transformation effort focused on cloud and devops and its cybersecurity team is building and delivering tailored services to evaluate, threat model, and defend this new attack surface. This position will play a key role in ensuring that new architectures and transformation initiatives are appropriately designed, governed, and instrumented to enable key cybersecurity services including security monitoring and response, threat hunting, penetration testing, vulnerability management, application security, red teaming, user entity behavior monitoring, and insider threat investigations. This position will drive design and actively support internal delivery of the aforementioned services specific to these new technology environments.
• Design the cybersecurity strategy to secure Azure environments
• Work closely with cybersecurity delivery teams to understand their operating models and ensure their operational requirements are satisfied
• Help design and support delivery of cybersecurity services specific to new technology landscapes
• Collaborate with cloud security engineers and architects to enable secure, yet efficient design of new technology environments that are both performant and secure
• Collaborate with devops teams and application teams to design operating models to effectively understand security risks and how to monitor, hunt, and respond within their technology ecosystems
• Represent cybersecurity mission requirements and value to senior leaders across the IT organization
• Regularly update key leaders in the cybersecurity organization on how technology transformation efforts are affecting demand for their teams’ service, as well as if and how new services are required to effectively secure the environment
• Oversee, evaluate effectiveness, and, as necessary, adjust delivery model for cybersecurity services across cloud and devops environments