Our Firm



Cloud Security Architect


TIBCO | 60500 Security | Palo Alto, CA

The TIBCO Information Security Team works with teams from across TIBCO, including engineering, operations, IT, legal, and sales, to ensure continuous improvement in our security posture. The Security Team’s efforts directly affect both TIBCO corporate and our customers. The team has a diverse set of responsibilities to ensure that risks that affect TIBCO customers as well as TIBCO itself are identified and remediated.
Skills & Requirements

A TIBCO Cloud Security Architect needs to be comfortable:

  • Working with all stakeholders to implement cloud security architectures and best practices by determining security requirements and proposing solutions that balance business requirements with information and cyber security requirements.
  • Assisting in guiding, prioritizing, and measuring our efforts in achieving and maintaining cloud security.
  • Performing internal cloud services security reviews and recommending changes or enhancements for identified security design gaps in existing and proposed architectures.
  • Aligning security standards, frameworks and policies with overall business and technology strategy.
  • Designing and building prototype security solutions, including security specific test cases.
  • Performing and facilitating security reviews and threat modeling exercises, identifying attack vectors that may be used to exploit cloud services and working collaboratively to remediate.
  • Drive on-going security testing for vulnerabilities utilizing both automated and manual testing tools.
  • Identifying and communicating current and emerging cloud security threats, including specifying requirements and controls to mitigate threats as they emerge.
  • Assisting with security reviews of third party vendors and services providers when needed.
  • Assisting with Incident Response as required and contributing to GDPR breach notification efforts.
  • Assisting with customers’ specialized security questionnaires related to cloud security.
  • Working cross company to identify and implement GDPR requirements, related to cloud services offerings.
  • Influencing culture by helping drive Secure Cloud Adoption.
  • Staying current by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.

We also have a Detection and Response role to provide technical direction and oversight of the cybersecurity incident detection and response function including:

  • Implementing the necessary controls, infrastructure and procedural playbooks to monitor, identify and provide proactive detection and response.
  • Performing incident triage and handling by determining scope, urgency and potential impact in order to identify the incident cause and recommending actions for expeditious remediation.
  • Coordinating with appropriate stakeholders and acting as subject matter expert to resolve incidents, including facilitating root cause analysis.
  • Developing and ensuring incident document is properly generated from initial detection through final resolution.
  • Reviewing detailed incident reports and provides technical briefs as required.
  • Working across all of TIBCO to identify, evaluate and report cybersecurity risks.
  • Analyzing data, such as logs or packets captures, from various sources and drawing conclusions regarding past and future security incidents.
  • Maintaining and expanding appropriate information security metrics for detection and response.