Cloud Security Architect
TIBCO | 60500 Security | Palo Alto, CA
A TIBCO Cloud Security Architect needs to be comfortable:
- Working with all stakeholders to implement cloud security architectures and best practices by determining security requirements and proposing solutions that balance business requirements with information and cyber security requirements.
- Assisting in guiding, prioritizing, and measuring our efforts in achieving and maintaining cloud security.
- Performing internal cloud services security reviews and recommending changes or enhancements for identified security design gaps in existing and proposed architectures.
- Aligning security standards, frameworks and policies with overall business and technology strategy.
- Designing and building prototype security solutions, including security specific test cases.
- Performing and facilitating security reviews and threat modeling exercises, identifying attack vectors that may be used to exploit cloud services and working collaboratively to remediate.
- Drive on-going security testing for vulnerabilities utilizing both automated and manual testing tools.
- Identifying and communicating current and emerging cloud security threats, including specifying requirements and controls to mitigate threats as they emerge.
- Assisting with security reviews of third party vendors and services providers when needed.
- Assisting with Incident Response as required and contributing to GDPR breach notification efforts.
- Assisting with customers’ specialized security questionnaires related to cloud security.
- Working cross company to identify and implement GDPR requirements, related to cloud services offerings.
- Influencing culture by helping drive Secure Cloud Adoption.
- Staying current by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.
We also have a Detection and Response role to provide technical direction and oversight of the cybersecurity incident detection and response function including:
- Implementing the necessary controls, infrastructure and procedural playbooks to monitor, identify and provide proactive detection and response.
- Performing incident triage and handling by determining scope, urgency and potential impact in order to identify the incident cause and recommending actions for expeditious remediation.
- Coordinating with appropriate stakeholders and acting as subject matter expert to resolve incidents, including facilitating root cause analysis.
- Developing and ensuring incident document is properly generated from initial detection through final resolution.
- Reviewing detailed incident reports and provides technical briefs as required.
- Working across all of TIBCO to identify, evaluate and report cybersecurity risks.
- Analyzing data, such as logs or packets captures, from various sources and drawing conclusions regarding past and future security incidents.
- Maintaining and expanding appropriate information security metrics for detection and response.