Zurich Insurance
Cloud Security & Data Architect
Jan. 2022 - Apr. 2025
Bratislava, Slovakia

As Cloud Security & Data Architect at Zurich Insurance, I designed and secured cloud and data platforms within highly regulated environments. My work focused on creating resilient, compliant AWS and Azure architectures aligned with Zurich’s internal controls and mapped to NIST SP 800, NIST CSF, ISO 27002, CIS Controls, and COBIT 19. I conducted control assessments and supported audits by producing compliance evidence packages.

I engineered secure data architectures for financial data using Databricks, SageMaker, EC2, RDS, and Delta Lake. Controls included encryption (at rest/in transit), masking, and fine-grained access policies to ensure data confidentiality, integrity, and availability.

I also led IAM strategy across AWS and Azure multi-account/subscription setups. Enforced least privilege, separation of duties, and cloud-native access models incorporating PAM best practices for secure, auditable access.

To support critical systems, I implemented disaster recovery strategies with tested runbooks, aligned with defined RTOs/RPOs. This ensured resilience and continuity across key business functions.

Security assurance was embedded into the SDLC. I conducted architecture reviews and led threat modeling for apps migrating to or built in cloud, catching risks early and reducing vulnerabilities.

Security controls extended into pipelines and apps. I embedded controls into ETL workflows (AWS Glue, Azure Data Factory) and serverless (Lambda, Azure Functions) using secure coding, hardened configs, and encryption.

Cost efficiency remained a priority. I led optimization efforts to rightsize resources, apply reservations, and reduce waste without compromising security or compliance.

Collaboration was essential—I worked closely with Security Ops, Risk, and Audit teams to address findings, provide remediation strategies, and continuously improve the security posture.