Planning, owning, and managing the organization’s cloud security strategy and architecture: Acting in partnership with the others in the security operations team and in the enterprise, the CSA will be responsible for creating and maintaining the strategy and architecture for ensuring security in the cloud.
Understanding and aiding selection of cloud security tools and controls: These include existing enterprise tools that can be extended into the cloud, cloud-native security controls, and third-party offerings.
Determining where security controls should be deployed: Guide the effort to plan where specific tools and defenses must be deployed within the cloud security architecture.
Defining design principles that will govern cloud security decisions: These principles will be used to help make choices about which security tools and controls will be deployed, where, and from which vendors and sources
Adoption of Zero Trust Architecture (ZTA) through optimum utilization of micro-segmentation, IAM, CMDB, and Access proxy
Provide day to day operations of the cloud security to Chief Enterprise Architect
First level support for security incidents in the cloud environment
Leverage and validate runbooks
Manage risk management plan (e.g. risk prioritization, gap assessment, and mitigation planning)
Operationalize controls and guidelines for the contract, architecture guidelines, risks, and internal policies
Monitor regulatory landscape and report / escalate pertinent legal modifications in conjunction with client legal department
Liaison with regulators and support client-related audits when required (e.g. PII, GDPR, etc.)
Experience with cloud-native architectures
Experience in implementing Zero Trust Architecture (ZTA)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.