25070401 Arquitecto Seguridad (GTB)
Location Málaga
The person will be a candidate to be hired internally.
WHAT WILL YOU DO IN YOUR WORK?
As a Cyber Security Engineer your main objective will be to ensure compliance with security standards and principles:
* Evaluation and review of security architectures of the projects ensuring compliance with internal policies and principles.
* Support for the implementation of reference architectures, facilitating the adoption of the technologies and products of each project.
* Ensure compliance with Corporate Security policies, generating compliance standards for architectures.
* Ensure compliance with security reference standards, considering the recommendations of the Cyber Global architecture teams.
* Identify the best practices and trends applicable in security architectures.
* Alignment with the Global Cyber Security architecture teams, with active participation in global initiatives.
* Work closely with the CTO Architecture team.
* Engagement with CISO SCIB for alignment and priority definitions.
* Provide general advice in security topics.
WHAT ARE WE LOOKING FOR?
EXPERIENCE
* More than 15 years of experience in IT, and at least 10 years of experience in a similar position.
EDUCATION
* Bachelor or Degree in Engineering, Computer Science and/or Telecommunication or similar background.
* AWS Certifications (is a must).
* Recognized Cyber Security certifications (at least one is a must) as ISACA, NIST, ISO, CompTIA Security+, CISSP+… etc.
* Vendors certifications (desired) as PaloAlto, Checkpoint, Cisco.
SKILLS & KNOWLEDGE
* Advanced English and Spanish level.
* Operational and analytical Cybersecurity:
1. Digital Identity and Access Management: mastering the SAML and OpenID Connect standards.
2. API security access: mastered in OAuth 2.0 JWT Bearer Grant and Auth Code with PKCE is a must.
3. Good understanding of OSI Model in Network Layer.
4. Secrets management.
5. PKI environments, cryptography, CMEK/BYOK.
6. Risk assessment / Impact analysis.
7. AWS architecture practitioner.
8. Threat modeling methodologies (STRIDE).
* Networking, security and high availability of telecommunications systems and services in each network layer.
* Experience in designing security solutions and architectures.
* Mastering documentation tasks.
* More extensive knowledge of cybersecurity: cyber-attack, cyber defense, secure architecture, security management and administration.
* Knowledge of microservices architecture: Docker, Kubernetes, etc.
* Knowledge of SecDevOps.
* Development and good coding methodologies knowledge.
* TOGAF desired.
OTHER INFORMATION
* Strong communication skills, with high ability to work as a team.
* Accuracy and attention to detail.
* Banking scope knowledge.
* Critical thinking.
* Interpersonal relationships.
* Work under pressure.
* Problem solving.
* Optimism regarding uncertainty.
* Takes ownership.
Let’s connect if you’re passionate about building the future of technology!