Cloud Security Architect
Job Description : Job Description
Cloud Security Architect will leverage broad technical knowledge of the security practices of key public cloud offerings of providers such as Amazon Web Services, Azure or Google to establish secure design patterns, to architect integrations with SunTrust's existing security policies and collaborate with information security officers to identify and close policy gaps, and to assist in ensuring the security and compliance of the cloud environment.
You will be:
• Leading the Cloud Security Infrastructure Design and Architecture for the enterprise.
• Be a key member of the team driving the Cloud Security Infrastructure Design and Architecture for the enterprise.
• Be an evangelist for a cloud-first approach, recognizing and incorporating SunTrust-specific business requirements, in order to architect solutions that best balance business agility, operational costs, and security risk
• Conducting cloud security analysis of prospective applications migrating to Cloud platforms/environments based on NIST's Cyber Security Framework and NIST 800-53 r4. This can include Cloud platforms such as GCP, Azure, and AWS.
• Performing Cloud Security Assessments of Cloud platforms/environments using industry standard frameworks such as CSA, PCI, and NIST.
• Executing on Cloud security engagements during different phases of the lifecycle assess, design, and implementation.
• Implementation of industry leading practices around cyber risks and Cloud security.
• Designing and developing Cloud-specific security reference architecture patterns aligned with the organizations policies, standards and procedures e.g. firewall management, SSL/IPSec, security incident and event management (SIEM), data protection (DLP, encryption), user account management (SSO, SAML), and password/key management.
• Assisting application teams with transitions to the Cloud from existing on premise environments.
• Documenting all technical issues, analysis, teammate communication, and resolution.
• Provide internal technical training to Advisory personnel as needed.
• Develop complex enterprise reference architecture views with detailed security context
• Build and develop Enterprise Cloud Security Architecture practice.
• Participate in cross-functional teams to develop cloud service on-boarding framework.
• Participate in cross-functional Enterprise Architecture team to align cloud security architecture objectives with Enterprise Architecture.
• Develop and participate in Enterprise Architecture reviews for on-boarding SaaS based services.
• Participate in Enterprise Architecture reviews for on-boarding SaaS based services.
• Collaborating with multiple stakeholders across functional and technical skillsets.
• Building and maintaining large-scale, multi-part programs while supervising teams to execute against overall strategy.
• Translating pillar strategy by leading others and performing work with significant independence.
• Contributing new intellectual capital through deep specialization in a subject matter area or technical domain within Security Architecture.
• Influencing both internally and externally through building and leading a large team or complex project, or multiple teams or projects, within Security Architecture.
• Engaging business and technology stakeholders at all levels to gather long term goals and requirements. Qualifications
Bachelor's degree in and 7 years of experience in development or an equivalent combination of education and work experience. In-depth knowledge in information systems and ability to identify, apply, and implement best practices.
Understanding of multiple disciplines/processes related to the position.
Experience applying and utilizing enterprise architecture standards. Understanding of key business processes and competitive strategies related to the IT function.
Ability to plan and manage projects.
Ability to solve complex problems by applying best practices.
Ability to provide direction and mentor less experienced teammates.
Ability to interpret and convey complex, difficult, or sensitive information.
Public cloud certifications (such as AWS Certified Solutions Architect - Associate or Professional)
Security Certifications (such as CISSP, ISSAP, CISM, CCSP)
Expertise in architecting Cloud Service Provider (CSP)-hosted solutions in one or many of the following domains (such as Identity and Access Management - IAM [aka access control], cryptography, networking, DevSecOps, migration to cloud, and/or cloud governance.
Equal Opportunity Employer: SunTrust supports a diverse workforce and is a Drug Testing and Equal Opportunity Employer. SunTrust does not discriminate against individuals on the basis of race, creed, color, gender, religion, national origin, age, disability, veteran status, pregnancy, marital status, citizenship status, sexual orientation, gender identity, genetic information, or any other classification protected by applicable laws.
To review the EEO Poster, copy and paste the following link into your browser: http://www1.eeoc.gov/employers/upload/eeoc_self_print_poster.pdf http://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf