Job Type
Work Type
Location
Experience
Define TASMU 2.0 security reference architecture and baseline controls for cloud, Kubernetes, applications, and data services.
Lead security governance: security design reviews, threat modeling, security exceptions, and risk acceptance processes.
Define identity and access controls (Entra ID, RBAC, PIM/JIT, conditional access, service principals, secrets management).
Design network security architecture (segmentation/trust zones, private endpoints, WAF, egress controls, firewall policies).
Establish application security standards (OWASP, secure SDLC, SAST/DAST, dependency/SBOM, container image signing).
Define data security controls (classification, encryption/CMK/HSM, DLP, key management, retention, secure deletion).
Own security monitoring requirements and integrations: Defender for Cloud (CSPM/CWPP), Sentinel (SIEM), SOAR playbooks, alert tuning.
Define vulnerability management and patching processes for OS/K8s/runtime components, including SLA targets and reporting.
Support incident response readiness: runbooks, tabletop exercises, forensic logging, evidence handling, and post-incident improvements.
Provide assurance of vendor deliverables and go-live readiness (pen test coordination, remediation validation, compliance evidence packs).
