Cyber Risk Associate - IN

Associate - Infrastructure Security - IN
Professionals in this group engineer, implement and monitor security measures for the protection of physical IT systems, networks and information for the organization infrastructure.
Key Responsibilities and Duties

• They Identify and define system security requirements, networking threats, storage requirements and design computer security architecture.
• They also develop detailed cyber security designs and prepare and document standard operating procedures and protocols to maintain infrastructure security.

Educational Requirements

• University (Degree) Preferred

Work Experience

• 2+ Years Required; 3+ Years Preferred

Physical Requirements

• Physical Requirements: Sedentary Work

Career Level
6IC

Job Description

Position Summary:  Describe below the primary purpose and function of this job

The Infrastructure Security Analyst will support the IT Infrastructure Configuration security Assessment program for Cloud with streamlining and improving service delivery. Professionals in this group engineer, implement and monitor security measures for the protection of physical/virtual IT systems, networks and information for the organization infrastructure.

As part of the IT Infrastructure Configuration Mgmt. team, you will be responsible for:

• overseeing and maintaining the security posture of cloud environments by actively monitoring configurations, defining and assessing technology security baselines
• identifying potential vulnerabilities
• implementing security controls, and ensuring compliance with industry standards across all cloud services
• utilizing automated tools to proactively remediate issues, participating in automated assessment initiatives
• collaborate with development teams to embed security best practices throughout the cloud infrastructure.
• reporting identified technology risks, and
• supporting break remediation efforts in accordance with priorities set by the organization.

Key Duties & Responsibilities:  List up to 5 key duties and responsibilities, management responsibilities and time spent (if applicable)

Mandatory Skills

• Drive IT Infrastructure Configuration assessment execution across various CLOUD technologies and platforms (e.g., Cloud – AWS/GCP/Azure, Containers, SaaS/PaaS)
• Partner with Infrastructure Manager with identifying scanning tool capabilities and provide recommendations to streamline and improve automated assessment capabilities.  
• Engage with Internal Stakeholders to drive initiatives through completion.
• Analyze assessment results and coordinate with Remediation team to ensure proper closure of control gaps.
• Define Baseline technology controls based on documented IT standards and industry best practices (CIS/NIST) in partnership with various IT control partners and technology teams.
• Consult with Baseline Owners to complete technology assessment requests in a timely manner.
• Develop and maintain technology assessment capabilities by leveraging available data and automation.
• Develop, maintain, and manage tool metrics for accuracy.
• Candidate will perform other responsibilities as needed to support overall program.

Basic skills

• Strong understanding of cloud security principles and best practices across major cloud platforms (AWS, Azure, GCP)
• Expertise in vulnerability scanning tools and methodologies
• Proficiency in scripting languages (e.g., Python) for automation and data analysis
• Knowledge of security standards and compliance frameworks (e.g., NIST, CIS, ISO 27001)
• Experience with cloud security configuration management tools (e.g., Terraform, CloudFormation)
• Excellent communication and collaboration skills to work with cross-functional teams
• Cybersecurity certifications like CISSP, CISA, or AWS Certified Security Specialty are preferred
• Identify and define system security requirements, networking threats, storage requirements and design computer security architecture.
• develop detailed cyber security designs and prepare and document standard operating procedures and protocols to maintain infrastructure security.

Business or Industry Expertise:  Describe the degree of knowledge and understanding required of TIAA’s business and industry, commercial environment and of competitors products and services.

5 - 10 years of relevant work experience

Job Requirements And Qualifications:  Indicate the minimum and preferred education and experience for the job and any licenses and certifications required

Required Education:

BA/BS

(add “other” details here)

Preferred Education:

BA/BS

(add “other” details here)

Required Experience:

5-10 years

4 - 7 years of relevant work experience

Preferred Experience:

5-10 years

(add “other” details here)

Skills and Abilities:

Required Skills

• Bachelor’s Degree
• Excellent knowledge and experience in Cloud services of AWS, Azure and GCP.
• Experience in security baseline documentation of cloud services of AWS, Azure and GCP using CIS/NIST.
• Excellent knowledge in scanning tools like Wiz, Sysdig, Tenable Nessus SC, Bigfix, Qualys and Rapid 7 Nexpose.
• Previous experience in security baseline assessment and vulnerability assessment of IT Infrastructure likes Cloud, Server OS, Network, Database, Storage.
• Excellent written and verbal communication skills
• Creating Dashboard, Trackers and PPT for upper management team to easily understand the weekly and monthly status. (Proficient in MS Office tools such as Word, Excel, and PowerPoint.)
• Experience working in a team-oriented collaborative IT environment.
• ITIL V3 foundation certified

Desired Skills

• Familiarity with Cloud, SaaS/PaaS, and container technologies.
• IT Security Engineering and/or Operations Experience
• Scripting and/or application development experience.
• Previous experience developing custom scripts to automate manual processes.
• Experience with Tableau is a Plus
• Previous experience managing tasks through JIRA and documentations in Confluence.  

Required Licenses/Certifications:

Licenses/Certifications

(add “other” details here)

Please work with your HR and Compensation Business Partners to finalize ALL job descriptions.”

Related Skills

Accountability, Adaptability, Business Continuity Planning, Cloud Computing Security, Collaboration, Communication, Compliance, Consultative Communication, Cybersecurity, Detail-Oriented, General Risk Management, Network Security, Prioritizes Effectively

_____________________________________________________________________________________________________

Company Overview

TIAA Global Capabilities was established in 2016 with a mission to tap into a vast pool of talent, reduce risk by insourcing key platforms and processes, as well as contribute to innovation with a focus on enhancing our technology stack. TIAA Global Capabilities is focused on building a scalable and sustainable organization , with a focus on technology , operations and expanding into the shared services business space.

 
Working closely with our U.S. colleagues and other partners, our goal is to reduce risk, improve the efficiency of our technology and processes and develop innovative ideas to increase throughput and productivity.

We are an Equal Opportunity/Affirmative Action Employer. We consider all qualified applicants for employment regardless of age, race, color, national origin, sex, religion, veteran status, disability, sexual orientation, gender identity, or any other protected status.

Accessibility Support

TIAA offers support for those who need assistance with our online application process to provide an equal employment opportunity to all job seekers, including individuals with disabilities.

If you are a U.S. applicant and desire a reasonable accommodation to complete a job application please use one of the below options to contact our accessibility support team: 

Phone: (800) 842-2755

Email: [email protected]

Privacy Notices

For Applicants of TIAA, Nuveen and Affiliates residing in US (other than California), click here.

For Applicants of TIAA, Nuveen and Affiliates residing in California, please click here.

For Applicants of TIAA Global Capabilities, click here.

For Applicants of Nuveen residing in Europe and APAC, please click here.