Job Requirements:
Knowledge
Strong understanding of Cloud Computing Security, including AWS, Azure, Office 365, APIs and WEB services
Strong knowledge in designing and implementing cryptographic solutions including PKI infrastructure, certificate management and deploying encryption technologies for systems, databases, applications across on-premises and cloud
Understanding of Information Security frameworks (e.g., ISO 27001/27002, NIST CSF, CIS TOP 20)
Deep knowledge of network, application, cloud and data security best practices
Understanding of architecture frameworks (e.g. TOGAF, SABSA)
Good knowledge and hands-on experience in security systems, including CASB, HSMs, web proxies and content filtering, DLP solutions, etc
Detailed technical knowledge of operating system and Cloud CIS baseline
Good knowledge of low-level and high-level security architecture design and development
Good understanding of security design patterns
Familiarity with regulatory and compliance requirements (e.g., CBB, GDPR, ISO 27001, PCI-DSS, SOC2)
Broad understanding of the Information Security domains: Infrastructure Security, Access Management, Physical Security, Application Security, Security Compliance, and IT Change Management
Education / Certifications:
University degree with an IT and / or Cyber Security background
Recognized and active Information Security and platform qualifications (e.g., CISSP, CISM, EC Council or SANS related certifications, AWS or other cloud specific certifications).
Desirable Certifications: GIAC Defensible Security Architecture
Experience:
At least 8 years of work experience
3+ years of direct hands-on experience on configuring technical security solutions and working with Cloud Service Providers (including Azure, Office 365 and AWS) ideally within financial services
Experience with threat modelling tools and methodologies (e.g., STRIDE, DREAD, MITRE ATT&CK)
Experience in working with cryptographic solutions (e.g. HSM)
Experience in developing high level architecture for the cloud and hands-on experience designing secure architectures in cloud environments (AWS, Azure, GCP)
Strong understanding of IAM, MFA, authentication protocols (OAuth, SAML, OpenID Connect) and able to configure well known Security Solutions in this domain.
Experience in securing APIs, containers and microservices
Experience with network security and networking technologies and with system, security, and network monitoring tools
Recent, full-time working experience with financial institutions
Practical experience on working with cloud technologies and implementing security in hybrid and multi-cloud scenarios.
Personal attributes:
Strong team player
Fluent in English (mandatory)
Ability to organise and prioritise tasks
Able to conduct the role with minimum supervision
Strong communication skills capable of dealing with wide range of internal and external stakeholders articulating security risks in business-friendly terms.
You will be redirected to the company website to apply for this position