Third-Party Security Architecture Review Specialist
TATA Consultancy Services Ltd.
Milford, OH
Job posting number: #7308106 (Ref:tsc-361748)
Posted: May 9, 2025
Job Description
Must Have Technical/Functional Skills
• 5+ years of experience in security architecture, risk assessment, or cybersecurity consulting.
• Strong knowledge of cloud security (AWS, Azure, GCP) and network security principles.
• Experience with third-party risk management frameworks (e.g., SIG, FAIR, TPRM).
• Familiarity with security assessment tools such as Qualys, Veracode, and cloud security posture management (CSPM) solutions.
• Certifications such as CISSP, CISM, CCSP, or CRISC are preferred.
• Strong analytical, problem-solving, and communication skills.
Roles & Responsibilities
• Conduct in-depth security architecture reviews of third-party vendors, cloud services, and external applications.
• Evaluate vendors’ security postures based on frameworks such as NIST, ISO 27001, CIS, and other relevant standards.
• Assess third-party compliance with data protection laws (e.g., GDPR, CCPA) and regulatory requirements (e.g., HIPAA, PCI-DSS).
• Review security documentation, including SOC 2 reports, penetration test results, and security questionnaires.
• Identify vulnerabilities and weaknesses in third-party security implementations.
• Provide risk-based recommendations to mitigate security threats while maintaining business continuity.
• Work closely with vendors and internal teams to remediate identified security gaps.
• Analyze third-party integrations with enterprise systems to ensure they align with security best practices.
• Assess cloud security configurations for SaaS, PaaS, and IaaS providers.
• Recommend secure design patterns for API and data exchange between third parties and internal systems.
• Partner with procurement, legal, and IT teams to incorporate security requirements in vendor contracts and agreements.
• Work with internal security, compliance, and risk management teams to align third-party security with enterprise security strategy.
• Conduct security awareness training for teams engaging with third-party vendors.
• Develop and enhance third-party security assessment methodologies and frameworks.
• Track and report security assessment findings to senior management and relevant stakeholders.
• Stay updated with emerging security threats, vulnerabilities, and industry trends related to third-party risk management.
Salary Range: $130,000-$140,000 a year