Cloud Centre of Excellence (CCOE) 1 x Resource required to support and steer Architecture components of workstreamB) Cloud Security Posture Management (CSPM) - onboarding, remediation and reporting, CSB SLA monitoring and auto-remediation.
*** 1 x Resource required to support and steer Architecture components of workstream (same resource as A) above *** C) SbD + Cloud Security Assurance Improvements workstream *** 1 x Resource required to support and steer Architecture components of workstream (same resource as A) above *** D) DevSecOps workstream + Container Security workstream *** 1 x Resource required to support and steer Architecture components of workstream (same resource as A) above *** E) CSB/CSB+ workstream related to cloud security controls *** 1 x Resource required to support and steer Architecture components of workstream (same resource as A) above *** F) IB (International Business) Big Data Security *** 1 x Resource required to support and steer Architecture components of workstream (same resource as A) above *** Dependencies: Workstreams A, B and F would run from under Mahomed Hoosen's Cloud and Big Data Security workstreams.
Workstreams C, D and E will be run by other CIP workstream leads (Chris Knox and Matimba Simango).
Workstream C, D and E would require the cyber security architect resource to support the workstream leads defined initiatives.
CIP Metrics and expected results off the Workstreams A, B, C, D, E and F: CCOE and Cyber Integration :-Identification, clarification, ownership and building out of the Cyber Management systemsSetting AWS ingress pattern and egress pattern as well as related operating model components.
Subsequent rollout of the ingress/egress AWS cloud accounts.Wider engagement with CCOE team to confirm guardrails and IaC templates to cater for cyber security AWS pipelines.
CSPM Adoption :-Hardening for cloud, IaC pre-deployment checks, planned feature sets (auto-remediation) etc….using selected CSPM technology SbD and Cloud Security Assurance Improvements :-standardize on SbD (AWS Security by Design) security assurance processes, control frameworks relating to Cloud Security.
DevSecOps and Container Security Enablement :-Align to other IT iniatiative in DevSecOps and Container Security Controls - cloud design considerations rollout and implementation :-Plan, Implement, Align to Controll domain owners expectations for cloud based workloads.
Big Data Security Considerations and embedding :-Support Big Data programme plans for security requirements