**Company description** Resources is the backbone of Publicis Groupe, the world’s third-largest communications group. Formed in 1998 as a small team to service a few Publicis Groupe firms, Re:Sources has grown to 5,000+ people servicing a global network of prestigious advertising, public relations, media, healthcare, and digital marketing agencies. We provide technology solutions and business services including finance, accounting, legal, benefits, procurement, tax, real estate, treasury, and risk management to help Publicis Groupe agencies do their best: create and innovate for their clients. In addition to providing essential, everyday services to our agencies, Re:Sources develops and implements platforms, applications, and tools to enhance productivity, encourage collaboration, and enable professional and personal development. We continually transform to keep pace with our ever-changing communications industry and thrive on a spirit of innovation felt around the globe. With our support, Publicis Groupe agencies continue to create and deliver award-winning campaigns for their clients. **Overview** **JOB SUMMARY:** Publicis Re:Sources is hiring a Senior Associate of Security Architecture for the Global Security Team. This full-time position includes identifying security weaknesses in information systems, drafting reports, providing recommendations for security risk mitigation, and collaborating with delivery and infrastructure support teams to address security risks. The candidate, with significant experience as an Information Systems Architect, must be a technical expert in cloud technologies and possess strong general knowledge across a range of technologies such as databases, networking, operating systems, authentication, and encryption — along with a solid understanding of the security aspects of all these systems. The responsibilities associated with the position are as follows: + Conduct secure architecture reviews of application, cloud, and Identity, & Access Management (IAM) solutions to evaluate the adequacy and effectiveness of security measures. + Make recommendations to address identified design and implementation gaps. + Threat model key enterprise and agency systems. + Collaborate with business and technical teams in developing security risk treatment plans addressing vulnerabilities in applications, cloud environments, and IAM solutions. + Document and analyze the impact of new system integrations and updates on the current security posture. + Develop and contribute to overarching and solution specific techincal security standards, encompassing application, cloud, and Identify, and Access Management (IAM) domains. + Ensure system designs and architectures comply with security best practices, company policies, and industry-recognized security standards (e.g., ISO 27001, PCI DSS, NIST, HIPAA etc.). + Periodically evaluate technical security standards and configurations, making recommendations for updates or improvements to ensure they remain current to address changing threat landscape. + Collaborate closely with stakeholders, including business teams and internal departments, to ensure comprehensive security needs are understood and met in an efficient manner. + Participate in software security review process, document security risks and mitigating controls. + Participate in team meetings to collaborate on enterprise and business unit specific initiatives. + Participate in the new technology evaluations and peer reviews. **ESSENTIAL JOB REQUIREMENTS:** + Four (4) plus years of experience in Application Security and/or Cloud Security + Knowledge of Threat Modeling frameworks, such as STRIDE. + Cloud Security Certifications (AWS, Azure, GCP) preferred + Knowledge of OWASP Top 10. + Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). + Knowledge of documenting cyber threats and vulnerabilities. + Knowledge of authentication, authorization, and access control methods. + Knowledge of data security standards (e.g., PCI, PII, PHI, etc.) + Skill in designing multi-level security/cross domain solutions. + Ability to apply secure system design tools, methods and techniques. + Ability to design architectures and frameworks. **Qualifications** + Bachelor’s degree in Computer Science, Engineering, or other Engineering or Technical discipline or equivalent relevant experience **Additional information** **OTHER JOB REQUIREMENTS:** + Good communication and documentation skills + Ability to work effectively and collaboratively with stakeholders + Willingness to work with geographically dispersed teams + A ‘can do’ attitude team player who works well under pressure and with dispersed groups, worldwide + Must be a self starter with strong organizational skills to enable navigation of the company to identify sponsors, stakeholders and interested parties