Assistant Vice President - Cloud Security Architect

Assistant Vice President - Cloud Security Architect

Role Purpose

Responsible for planning and coordinating with IT and business functions on security architecture & design principle to supports the maintenance of information security, ensuring the integrity, availability & confidentiality of SBI Card internal and customer's information hosted in cloud. The role is also responsible for assuring that all technology solutions and services being delivered are compliant with our ISMS and that all exceptions and risks are documented and managed.

Role Accountability

Cloud Security Architecture

1. Lead the design and development of Azure and AWS security architectures for protecting PII/PCI data deployed into different types of cloud and cloud/hybrid systems
2. Lead the security vision and strategy around cloud-based applications, across all types (including Infrastructure, Platform, and Software as a Service (IaaS/PaaS/SaaS)
3. Serve as the central point of contact for Enterprise Security for other Technology teams within the organization for all matters related to cloud security
4. Design and develop security architectures for cloud and cloud/hybrid based systems. Possess a firm understanding of the offerings within Amazon Web Services (AWS) and the Microsoft Azure platforms
5. Design and implement cloud-native architectures and designs that will allow those requirements to be met with a minimal degree of risk to Organization and with appropriate security controls present
6. Represent Security Platform in development and implementation of the overall enterprise cloud architecture
7. Act as the ambassador and senior technical representative for Enterprise Security while engaging with other senior technical leaders throughout organization in design and implementation of cloud and cloud/hybrid based implementations and solutions
8. Works with IT Infrastructure Services, and Application Development organizations to choose appropriate technology solutions and facilitates complete integration into the company environments
9. Develop standards in partnership with Engineering, Infrastructure Services, and Application Development.
10. Lead initiatives designed to share knowledge across Security Platforms and/or Technology teams, identify, recommend, coordinate and deliver timely knowledge to support teams regarding technologies, processes or tools
11. Oversees the development and maintenance of the information security strategy and develop and execute strategies to increase Cloud Security knowledge throughout the enterprise
12. Ensures the effective translation of the security architecture is implemented into the solutions
13. Assist to evaluate all the new initiatives/solutions (including Cloud) with the design recommendations and work with project managers and architects during implementation

New Technology & Risks

1. Evaluate and recommend tools and solutions to enhance the security posture of the Enterprise
2. Maintain contact with vendors regarding security system updates and technical support of security products
3. Perform cost-benefit and risk analysis- Analyzes business impact and exposure, based on emerging security threats, vulnerabilities and risks

Project Management

1. Lead project implementation for Information risk management projects
2. Ensure integration of security requirements in project design, timely and high quality delivery of projects
3. Partner with SecOps to develops operational run book to ensure smooth transition post implementation
4. Liaison with IT teams and other biz functions to ensure security is engaged in all projects
5. Ensure process documentation and compliance adherence

Measures of Success

1. Successful implementation/ adoption of any new solution, technology or framework
2. Timely and in- budget delivery of security projects specifications within time and budget
3. Timely delivery of Cloud Security Architecture covering all types (including Infrastructure, Platform, and Software as a Service (IaaS/PaaS/SaaS)
4. Process Adherence as per MOU

Technical Skills / Experience / Certifications

1. Knowledge of enterprise IT Systems, infrastructure and security technologies
2. Knowledge of Information Security Standards like ISO 27001, PCI-DSS, NIST CSF, CSA framework etc.
3. Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc.)
4. Experience with deployment orchestration, automation, and security configuration management (Jenkins, Puppet, Chef, etc.) preferred
5. Experience architecting solutions within Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP), VMware NSX, Oracle etc.
6. Experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes such as secure software development, Application Security, data protection, cryptography, key management, identity and access management (IAM), network security) within SaaS, IaaS, PaaS, and other cloud environments
7. Experience working with cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies
8. Experience with enterprise applications (architecture, development, support, and troubleshooting)
9. Experience performing threat modeling and design reviews to assess security implications and requirements for introduction of new technologies
10. Working knowledge of compliance frameworks and security management standards (e.g., ISO 27001, NIST CSF, CIS etc.)
11. Experience with enterprise architecture and working as part of a cross-functional team to implement solutions
12. Industry standard certifications such as CISSP, CISM, CCSP, CEH, CHFI, Cloud security, ISO27001, SABSA, TOGAF, AWS, Azure etc.

Qualification

Graduate in IT/Computer Science or equivalent

Preferred Industry

BFSI / NBFC /E-commerce/IT & ITES / Telecom