Global Security Architect, Cloud Enablement
What We'll Bring
The Global Security Architecture Team is responsible for evolution and implementation of our global enterprise security strategy in partnership with technology leaders across TransUnion. We work with teams across the organization to:
1) Ensure that TU security platforms and services are designed and implemented to deliver secure and scalable solutions that provide maximum value.
2) Consult, champion, and rationalize security architecture designs, policies, standards, and guidelines.
3) Advise Enterprise Architecture, BISOs, and project teams on security requirements.
4) Support processes that allow TU to evaluate, mitigate, and approve/accept residual risk.
5) Advise and support security technology enablement activities for all cloud and on premise systems.
What You'll Bring
A deep and broad Information Security background
Proven subject matter expertise in AWS Architecture and Engineering
3-5 years demonstrated experience leading design and implementation of technologies in a public cloud environment and on-prem
Experience working in an enterprise Agile environment and participation in Agile ceremonies
Outstanding communication and presentation skills. The ideal candidate is able to articulate complex, technical concepts to non-technical audiences
Innate curiosity coupled with strong problem solving skills
A drive for simplification and automation
A consultative approach with proven expertise and ability to influence peers/external business leaders on security matters
A broad knowledge base that spans across IT constructs, including software development, hardware, systems administration, and operations
Ability to think in terms of Product and Service Delivery, a deep understanding of internal and external customer needs and the ability to design custom strategies and solutions to meet their needs.
We’d Love to See:
7+ years of experience designing and delivering large-scale security solutions utilizing a mixture of hardware and software technologies, across a broad array of security disciplines.
Previous experience with security enablement of cloud technologies and alignment to industry standard frameworks
Previous experience using Archimate and BizzDesign products for solutions design and documentation
The ability to straddle both traditional/legacy (Data Center, physical infrastructure) and modern/next-gen technology (Cloud, XaaS, DevSecOps)
Demonstrated experience working in and influencing priority decisions
2-3 years of experience in a role with full accountability for large scale implementation in large matrixed organizations
Impact You'll Make
As a Subject Matter Expert for cloud security, you will maintain current knowledge of regulatory requirements, trends, best practices and solutions for the entire TU AWS and Azure service catalog and supporting solutions, including but not limited to:Individual AWS services, IaaS/EC2 security (generic and TU-specific), ingress/egress network security, container security, container orchestration security, CI/CD, CloudFormation / Terraform, tagging, serverless / FaaS / Lambda
Cloud process maturity as related to cloud technologies
Generic third-party SaaS solutions
Azure and M365 services and management
Act as a Product Owner for the function of Security Architecture for all cloud related features
Own driving a reduction in tech debt and an increase the security maturity of the cloud environment
You will provide cloud security architecture requirements and joint security reviews to ensure compliance of newly on-boarded cloud services
You will participate in cross functional coordination with other cloud transformation teams and keep security and Agile artifacts current
You will design cloud security solutions, conduct proof-of-concept and prototyping activities and assist InfoSec engineers, developers, and other engineering teams in their design, testing, building, and refinement of implementation plans
You will design and contribute to cloud security relevant architecture diagrams and supporting collateral
You will guide project teams through the Security Exception process, and provide SME approval on cloud-related Security Exceptions
You will consult on cloud security policies, standards and guidelines, working to make security requirements clear and accessible
You will develop cloud reference architectures and reference implementation patterns
You will provide consulting to Enterprise Architecture, BISO's, and Solutions Architects, providing security requirements for planned projects and methods for meeting those requirements for cloud technologies
You will be part of the Cloud Architecture review and approval processes