Function / Position
objectivesAs security architect you are responsible for designing, building, testing and implementing security systems within the Bank on site and in the cloud.
On top of that main responsibility, you will be assigned the review the source code review of a major digitalization project on going.Responsibilities
Reviewing current system security measures and recommending and implementing enhancements
Conducting regular system security review of existing IT systems
Planning, researching and designing security architectures
Design, build and implement enterprise-class security systems for a production environment
Align standards, frameworks and security with overall business and technology strategy
Maintain security framework architecture documentation
Master Degree in Information Technology, Computer Science or related filed is highly desirable.
10+ years of experience in enterprise information security architecture and IT risk management with a focus on security, performance and reliability;
4+ years of experience in application security including secure code review, web application penetration testing or threat modelling;
2+ years of experience in secure code review / static application security testing (SAST)"
Excellent knowledge of cloud computing technologies and of enterprise-class security architecture
Strong background in cyber offensive security and cyber threat modeling; Good working knowledge of current IT risks and experience implementing security solutions
Ability to interact with a broad cross-section of personnel to explain and enforce security measures; Excellent and effective written and verbal communication skills to properly articulate complicated cloud reports to management and other IT development partners;
Excellent business acumen
Detailed understanding of the OWASP Top 10 and CWE Top 25 issues with focus on ability to identify and remediate vulnerability in source code;
Ability to explain risk and business impact of security vulnerabilities in source code to variety of audience
Hands-on experience conducting security focused static analysis using commercial SAST tools such as Checkmarx, Appscan Source, Veracode, Coverity, Fortify and SonarQube
Activity rate100 %