Information Security Associate Architect
Job Overview
Job title: Information Security Associate Architect
Job description: Job Description
Role
The Thomson Reuters Information Security and Risk Management (ISRM) group is seeking an Information Security Architect to join the unique role, wherein you will be a core member in representing ISRM equities in Corporate Mergers, Acquisitions, and Divestitures (MAD) projects.
You will assess the information security risk associated with the merger/acquisition of a company into TR, enabling TR to manage the cybersecurity risks of any deal in a manner consistent with their risk appetite. Post-deal-close, you will directly support ISRM stakeholders, enabling them to strategize and implement, and further optimize, security controls during M&A integration to maintain and enhance the security posture of the unified organization. You will also throughout these activities, communicate the security risk attributable to any M&A to internal business stakeholders, including executive leadership within and outside of ISRM, empowering them to make more informed decisions to manage risk in alignment with their business objectives and risk appetite.
About the Role
In this opportunity as an Information Security Architect, you will:
Design and Deliver
- Assess the target company’s cybersecurity posture – suitability, maturity, and efficacy – during the due diligence phase of a potential M&A transaction
- Identify cybersecurity statutory, regulatory, compliance, and/or customer requirements and obligations that TR will inherit from the target company
- Define, and the approximate cost for, high-level integration plans to both address materiel risks identified during due diligence and to enable standard integration patterns
- Summarize due diligence findings in a manner that is consumable and defensible by technical and non-technical stakeholders of varying levels of seniority across the organization
Be collaborative:
- Partner with cross-functional teams to ensure architectural, engineering and operational solutions effectively fulfill M&A business needs
- Provide security architectural guidance and hands-on experience to M&A project teams in the design, development, and maintenance of M&A security solutions and processes that are both risk-appropriate and risk prioritized
- Develop, document, and maintain milestone-based and objective-focused M&A integration roadmaps, per M&A transaction
- Provide guidance to project manager and track the integration activities post successful M&A
Be Innovative:
- Create tools, techniques, and templates to enable the consistent, repeatable, complete, and quality realization of each responsibility previously codified
- Standardize the integration process and develop playbooks to effectively manage the cybersecurity risk attributable to an M&A transaction in a manner that garners support from cross-functional teams, enables the realization of the value proposition of the deal, and is consistent with the risk appetite of ISRM and TR at-large
- Assess gaps to develop the strategy and take it forward.
- Influence cross-functional team(s) to align the integration activities and track the outcomes
- Drive the various teams pertaining to Integration activities till closure
About you:
You’re a fit for the role of Information Security Associate Architect if you have:
- 3+ years of experience working in Security Architecture for a significant size of organization, with minimum 1 of experience in M&A cybersecurity assessment, third-party risk management, and/or cybersecurity risk management
- Knowledge of regulatory, compliance and Industry-standard cybersecurity frameworks – HIPAA, PCI-DSS, GDPR, FedRAMP, SOC 2, ISO27001, NIST SP 800-53, CIS, OWASP, etc.
- Ability to communicate effectively with people from diverse cultural environments, professional experience, and technical expertise
- Knowledge of corporate M&A lifecycle and processes
- Knowledge of end-user, workplace, datacenter and Cloud technologies; cybersecurity technologies; modern threat tactics, techniques and procedures (TTPs); and the interrelationships between them all
- Experience in delivering M&A or transformation projects, accompanied by expertise in key IT areas, such as:
IT infrastructure & networks, Enterprise architecture, Data centers, Cloud technologies, Application integration/separation/rationalization, Cyber & IT risk
- Identifying key client issues, determining client needs, evaluating and validating analyses, and developing recommendations
- Ability to well articulate the Information security principles and able to benchmark the security controls of acquired entity with the organization’s current state
Nice to have:
- Certifications such as CISSP, PMP, ITIL, CRISC, and TOGAF
What’s in it For You
At Thomson Reuters, our people are our greatest assets. Here are some of the benefits we offer for your personal and professional growth:
- Learning & Development:
- Exposure to a wide breadth of leading-edge technology
- Career growth – the ability to work on multiple projects and/or with various teams
- Professional growth and development opportunity through various training programs, conferences, networking events, in-house speaker series etc.
- Access to Hackathons, Unconferences, Harvard Manage Mentor and more, we offer learning opportunities for everyone
- Benefits/Perks:
- Health benefits
- Savings/investment plans
- Paid time off (including time off to volunteer and extended parental leave)
- Flexibility: We’ve been named as one of Forbes, Best Companies for Work/Life Balance
- Global Opportunities: We have employees in over 90 countries, working across three different industries
- Your well-being: We offer a program that focuses on making our lives healthie
Do you want to be part of a team helping re-invent the way knowledge professionals work? How about a team that works every day to create a more transparent, just and inclusive future? At Thomson Reuters, we’ve been doing just that for almost 160 years. Our industry-leading products and services include highly specialized information-enabled software and tools for legal, tax, accounting and compliance professionals combined with the world’s most global news services – Reuters. We help these professionals do their jobs better, creating more time for them to focus on the things that matter most: advising, advocating, negotiating, governing and informing.
We are powered by the talents of 25,000 employees across more than 75 countries, where everyone has a chance to contribute and grow professionally in flexible work environments that celebrate diversity and inclusion. At a time when objectivity, accuracy, fairness and transparency are under attack, we consider it our duty to pursue them. Sound exciting? Join us and help shape the industries that move society forward.
Accessibility
As a global business, we rely on diversity of culture and thought to deliver on our goals. To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under applicable law. Thomson Reuters is proud to be an Equal Employment Opportunity/Affirmative Action Employer providing a drug-free workplace.
We also make reasonable accommodations for qualified individuals with disabilities and for sincerely held religious beliefs in accordance with applicable law.
More information about Thomson Reuters can be found on .
Locations
Toronto-Ontario-Canada
Company: Thomson Reuters
Expected salary:
Location: Toronto, ON
Job date: Wed, 21 Apr 2021 06:11:56 GMT