Cloud Security Architect
The Cloud Security Architect leads the design and development of innovative security architectures for protecting TaskUs cloud environments, including hybrid cloud implementations. The Cloud Security Architect will develop road maps, design and create blueprints, implement and support a secure cloud infrastructure that meets the business needs and aligns with the company’s strategic vision. Breadth of responsibility will include planning and design, implementation review and post-audit, and day-to-day guidance and approvals for changes/builds. The ideal candidate will have previous experience working in a very fast paced and dynamic environment. This position will directly contribute to the overall global enterprise security architecture and lead the security vision and strategy around all global clouds and cloud-based applications, across all types (including Infrastructure, Platform, and Software as a Service (IaaS/PaaS/SaaS).
The Cloud Security Architect will serve as a primary point of contact for InfoSec for other technology teams within TaskUs for all matters related to cloud security. The successful candidate possesses the excellent interpersonal and communication skills required to partner with other leaders across the business to identify opportunities and risks and develop and deliver solutions that support business strategies and protect TaskUs’ intellectual property and confidential data globally.
- Expertise – Collaborate with IT Managers, Operations Managers, and InfoSec teams, to architect and design cloud security solutions. Expertise in the security of LAN, WAN and MPLS and SD-WAN clouds is required, as is expertise in cloud security services within AWS is important as is proficiency with Palo Alto firewalls, Cisco firewalls and routers, and familiarity with Cloud Access Security Brokers (CASB) and other cloud-proxy technologies.
- Delivery – Complete architecture assessments across projects, prove use of security solutions to support new distributed computing solutions that span global clouds and data centers, as well as public cloud services and a large portfolio of cloud applications.
- Security Technology Strategy - Work with engineering, service and business teams to create technology roadmaps.
- DevSecOps - Lead, define and map digital architecture processes for designing large scale DevSecOps pipelines;Coordinate DevOps security effectively improve visibility across the CI/CD pipeline in order to assist IT teams in delivering secure infrastructure solutions
The Cloud Security Architect will also be responsible for facilitating the integration of security controls within the entire corporate cloud environment in line with applicable requirements from PCI DSS, SOC 2, HIPAA/HITRUST and ISO 27001.
- Design and develop security architectures for cloud and hybrid cloud based systems. Possess a firm understanding of the offerings within both AWS and the major enterprise SaaS products in use. Based on business requirements, design and implement cloud-native architectures and designs that will allow those requirements to be met with a minimal degree of risk to TaskUs and with appropriate security controls present.
- Represents Security Platform in development and implementation of the overall global enterprise architecture. Acts as the ambassador and senior technical representative for InfoSec while engaging with other senior technical leaders throughout TaskUs in design and implementation of cloud and cloud/hybrid based implementations and solutions. Works with Operations/Engineering, Infrastructure Services, and Application Development organizations to choose appropriate technology solutions and facilitates complete integration into the TaskUs environments. Develops standards in partnership with Engineering, Infrastructure Services, and Application Development.
- Leads training and technical forums, serves as both a formal and informal mentor, and executes other initiatives designed to share knowledge across Security Platforms and/or Technology teams. Identifies, recommends, coordinates, and/or conducts informal/formal training sessions to deliver timely knowledge to support teams regarding technologies, processes or tools. Develops and executes strategies to increase cloud security knowledge throughout the enterprise, as well as developing and mentoring more-junior security analysts and engineers.
- Protect the company from internal data theft, financial loss due to a breach or an external attack on its information systems.
- Collaborate with management to form and execute technology strategies, and provide technical expertise and recommendations for Information Security projects and initiatives.
- Execute complex security upgrades, certifications, and compliance initiatives.
- Identify opportunities for automation, cost savings, and service quality improvement.
- Perform research of third-party technologies, tools, and applications that are introduced during the presales process.
- Strengthen client relationships by coordinating security solutions and functions to address complex business problems that strengthen TaskUs’ position with clients.
- Maintain an organization-wide view of current and future IT security architectures in support of company goals and objectives.
- Maintain awareness of trends in state-of-the-art technologies in the information security industry.
- Bachelor’s degree in MIS/Computer Science or Business and/or a combination of education and relevant experience.
- A minimum of 10 years IT experience; at least four of those years focused on IT security and/or IT audit.
- An industry recognized information security certification, such as AWS certified (security, architect, etc), CISA, CISM, CISSP, CCSP, CCIE Security or CEH.
- Expertise in the security of LAN, WAN and MPLS and SD-WAN clouds is required, as is expertise in cloud security services within AWS is required as is proficiency with Palo Alto firewalls.
- In-depth and hands-on experience with at least 2 of the following compliance requirements: PCI DSS, SOC 2, HIPAA/HITRUST and ISO 27001.
- Experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes including secure software development, application security, data protection, cryptography, key management, identity and access management (IAM), and cloud security within SaaS, IaaS, PaaS, and on-premise environments.
- Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (SAML, OAuth, OpenID, etc).
- Experience working with cloud security and governance tools, and server & cloud virtualization technologies.
- Experience performing threat modeling and design reviews to assess security implications and requirements for introduction of new technologies.
- Experience representing technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions.
- Sound technical writing, documentation, and communication skills are required.
- Strong understanding of enterprise, cloud, system and application level security issues.
- Strong understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP clouds.
- Understanding of the system hardening processes, tools, guidelines and benchmarks.
- Candidates should have good Project Management skills with the ability to self-start projects.
- Ability to handle sensitive and/or confidential material and information with suitable discretion.
- Excellent interpersonal skills and a professional demeanor.