Key Responsibilities:

1. Security Governance & Strategy

• Define and maintain security standards, policies, and guardrails.

• Establish governance models (roles, responsibilities, accountability).

• Align cloud, network, and SRE security with enterprise risk management.

• Ensure compliance with regulatory and industry frameworks.

2. Risk & Asset Management

• Define standards for asset inventory, data classification, and Zero Trust architecture.

• Lead threat modeling and risk assessments.

• Establish risk identification, prioritization, and third-party risk practices.

3. Security Architecture

• Design and govern secure reference architectures across:

  • Cloud, network, and infrastructure

  • IAM, encryption, and key management

• Define baseline security controls (multi-cloud, hybrid environments).

• Enforce principles such as least privilege, defense-in-depth, and zero trust.

4. Monitoring & Detection

• Define requirements for logging, monitoring, and SIEM integration.

• Establish standards for log collection, retention, and threat detection use cases.

• Promote adoption of cloud-native observability and security tools.

5. Incident Response & Resilience

• Define incident response frameworks and playbooks in collaboration with SecOps.

• Ensure integration with SOC/SOAR capabilities.

• Support recovery and resilience strategies.

6. Security Assurance & Compliance

• Define and enforce security control frameworks and baselines.

• Support audits and compliance assessments.

• Enable continuous compliance monitoring.

7. DevSecOps & Automation

• Embed security into CI/CD pipelines (SAST, DAST, SCA).

• Promote Infrastructure-as-Code (IaC) security and policy-as-code.

• Drive security automation and standardized controls.

Key Deliverables

• Security standards and policies

• Reference architectures and guardrails

• Cloud and infrastructure security baselines

• Control frameworks and mappings (e.g., NIST CSF)

• Risk assessment frameworks

Skills & Expertise

• Cloud (AWS, Azure, GCP), Network Security, Infrastructure, Backup & DR

• Observability (Azure Monitor, Datadog), SIEM/SOAR

• NIST CSF, NIST 800-53, CIS, ISO 27001

• DevSecOps, IaC, automation, and SRE practices

• Strategic thinking and strong architecture mindset

• Stakeholder management and communication

• Ability to translate risk into actionable standards

#TBdigital

#hybrid