Information Security Architect (Application Security)
Job Overview
Job title: Information Security Architect (Application Security)
Job description: Job Description
The Thomson Reuters Information Security and Risk Management (ISRM) group is seeking an Application Security Architect to join the unique role, wherein you will be a core member of the team in representing ISRM and work with product management teams within Thomson Reuters.
About the Role:
In the role of an Application Security Architect, you will…
Play an advisory role in application development to assess security requirements and controls and to ensure that security controls are implemented as planned.
Address corporate risks to the product teams which include but not limited to exposures in the cloud, networks, and identity space by clearly understanding business goals.
Partner with Product Management teams to gather new security or compliance requirements based on customer, vendor, and industry needs and coordinate specific policy control implementation across Product Engineering, Infrastructure Security and Risk Management (ISRM) and Infrastructure, Hosting, and Network (IHN) teams
Act as Security SME to product engineers and application architects and can get the CJIS compliant solution or equivalent and serve as the Security Lead in the design, implementation, and integration phases of business products and services to meet the business security requirement
Work with peer security architects to provide the core network, identity, cloud hosting, data security, and other requirements to the owners, developers, and engineers for the application or product which is under design and build phases
Conduct the threat modeling on the application or the product and assess the risk. Maintain a deep understanding of core security disciplines, with close attention to developing industry trends. Strategically apply the industry best frameworks, able to leverage the output of threat modeling techniques, and able to build the repeatable models to understand the business risk and strongly recommend the best controls
Own and independently able to build the end-to-end conceptual and logical patterns leveraging the knowledge from business as well as technology specialists. Conceptual patterns should be repeatable, traceable, and reusable amongst various lines of businesses.
Provide technical security expertise, including communicating security architectural decisions, benefits, risks, and other activities including security requirement definition, and facilitation of security testing and management of residual risk with the product or application teams
About You
You’re a fit for the role of Application Security Architect if you are:
Someone who runs the Data labs or equivalent for the Government and can get the certification for the products
Someone who has familiarity with Cloud Security and has a well-rounded experience in Infrastructure Security and Identity-related services
Familiar with cloud-based enterprise security technologies, various hosting models, SecDevOps principles, and infrastructure security technologies
Comfortable operating in a dynamic, fast-changing, and innovative globally diverse environment and have an operating style that is collaborative, energetic, and results-oriented
Ability to influence others, earn followership, and drive consensus across stakeholder groups
Demonstrate the ability to employ judgment and experience to make rapid, complex decisions
Exceptional critical thinking skills that extend beyond the typical information security subject matter
Ability to flex styles to work well with a range of personalities from extremely technical team members to non-technical business leader
Basic Qualifications:
More than 10 years+ progressive experience in IT security, with a minimum of 8 years of working in IT Security
More than 5+ years of working security architecture efforts that requires close collaboration with project teams and business stakeholders
Good knowledge of CJIS and well conversant with the compliance frameworks such as NIST 800-53, PCI DSS, ISO 27001
Good understanding of the leading TPP frameworks like MITRE ATT&CK
Preferred Qualifications:
Bachelor’s degree in Computer Science, Computer Engineering, or related field required
Certification like CISSP, SABSA, CISA, or AWS Security Specialty is preferred
What’s in it For You
At Thomson Reuters, our people are our greatest assets. Here are some of the benefits we offer for your personal and professional growth:
Learning & Development:
Exposure to a wide breadth of leading-edge technology
Career growth – ability to work on multiple projects and/or with various teams
Professional growth and development opportunity through various training programs, conferences, networking events, in-house speaker series, etc.
Access to Hackathons, Unconferences, Harvard Manage Mentor, and more, we offer learning opportunities for everyone
Benefits/Perks:
Health benefits
Savings/investment plans
Paid time off (including time off to volunteer and extended parental leave)
Flexibility: We’ve been named as one of Forbes, Best Companies for Work/Life Balance
Global Opportunities: We have employees in over 90 countries, working across 3 different industries
Your wellbeing: We offer a program that focuses on making our lives healthier
Do you want to be part of a team helping re-invent the way knowledge professionals work? How about a team that works every day to create a more transparent, just and inclusive future? At Thomson Reuters, we’ve been doing just that for almost 160 years. Our industry-leading products and services include highly specialized information-enabled software and tools for legal, tax, accounting and compliance professionals combined with the world’s most global news services – Reuters. We help these professionals do their jobs better, creating more time for them to focus on the things that matter most: advising, advocating, negotiating, governing and informing.
We are powered by the talents of 25,000 employees across more than 75 countries, where everyone has a chance to contribute and grow professionally in flexible work environments that celebrate diversity and inclusion. At a time when objectivity, accuracy, fairness and transparency are under attack, we consider it our duty to pursue them. Sound exciting? Join us and help shape the industries that move society forward.
Accessibility
As a global business, we rely on diversity of culture and thought to deliver on our goals. To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under applicable law. Thomson Reuters is proud to be an Equal Employment Opportunity/Affirmative Action Employer providing a drug-free workplace.
We also make reasonable accommodations for qualified individuals with disabilities and for sincerely held religious beliefs in accordance with applicable law.
More information about Thomson Reuters can be found on .
Locations
Toronto-Ontario-Canada
Company: Thomson Reuters
Expected salary:
Location: Toronto, ON
Job date: Fri, 07 May 2021 23:03:28 GMT