Cybersecurity Architect

ING Bank Śląski S.A.

16 00023 000 gross / mth.
  • West Pomeranian

    West Pomeranian
  • offer expired 2 months ago
  • contract of employment
  • full-time
  • specialist (Mid / Regular)
  • full office work, home office work, hybrid work

Technologies we use

Expected

  • ITIL

  • GCP

  • IT security frameworks

About the project

As Cybersecurity Architect you will be responsible for development of bank’s IT security architecture for coming years and supporting both IT and business in aligning their solutions with security requirements. Beside this, you and your teammates will play key role in systems hardening, interconnectivity management and automation, development of new security controls (PoC), definition and fine-tuning of standards and procedures. Together with monitoring section, penetration testers, SOC and threat hunters colleagues you will be directly responsible for keeping the bank and its customers secure.

Your responsibilities

  • interacting with senior stakeholders up to an organisational or inter-organisational level

  • reaching and influencing a wide range of people across larger teams and communities

  • researching and applying innovative security architecture solutions to new or existing problems and being able to justify and communicate design decisions

  • developing vision, principles and strategy

  • working on projects with high strategic impact, understanding the impact of decisions, balancing requirements and deciding between approaches

  • producing particular patterns and supporting quality assurance

  • leading the technical design of systems and services

Our requirements

  • demonstrated understanding of Cybersecurity domains: risk management, IT asset security, security architecture and engineering

  • knowledge of modern security architectures for both on-premise and cloud deployments

  • good understanding of current IT security frameworks and standards is a must (ISO2700x, COBIT, GDPR, CIS Benchmark, NIST Cybersecurity Framework, OWASP TOP10, CyberKillChain, MITRE ATT&CK)

  • knowledge of current regulations and their finance-sector specifics is a must (PCI-DSS, Recommendation D, UKNF communication on information processing using public or hybrid cloud, UKSC, RODO/GDPR)

  • understanding of both symmetrical and asymmetrical cryptography

  • understanding of principal security processes like Vulnerability Management, Security Event Monitoring, Secure (Hardened) Configurations, Incident Management/Response etc.

  • understanding of principal ITIL processes like Change Management, Incident Management, Knowledge Management, Access Management etc

  • hands-on experience with public cloud providers eg. Amazon AWS, Microsoft Azure and Google Cloud Platform and their built-in security measures

  • excellent communication skills (ability to translate business requirements into IT product, presenting ITSec solutions during IT Architecture Boards, explain complex technical aspects to non-technical audience etc.)

  • fluent English language skills (at least C1 equivalent)

  • experience in enterprise threat modelling and risk assessments

  • experience in internal cybersecurity reviews (whitebox methodology) at infrastructure, application and process level

  • knowledge of programming (eg. Java, C) or scripting (BASH, Python) would be a plus

Optional

  • expertise and hands-on experience in security aspects of at least two of following technologies: public cloud, virtual machines (private cloud), networking, Windows, Linux/Unix, databases (SQL and non-SQL), governance/regulatory, storage, CI/CD, service-mesh, application (front-end/back-end)

  • knowledge of agile way of working and related rituals

  • hands-on experience in vendor/suppier management including contract negotiations, enforcement of security measures within the contract and on-site/off-site audits

  • fluent Polish language

Benefits

  • sharing the costs of sports activities

  • private medical care

  • life insurance

  • retirement pension plan

  • extra social benefits

  • christmas gifts

  • extra leave

Location:

  • Warsaw, Katowice (100% remotely or hybrid), entire Poland territory (100% remotely - business trips to headquarters required)

Masz pytania? Napisz do nas!

Kandydaci często kontaktują się z nami bezpośrednio. Jeśli chcesz o coś zapytać w związku z tą lub inną rekrutacją, napisz do nas na: [email protected]

ING Bank Śląski S.A.

W ING Banku Śląskim łatwiej robić swoje. Z myślą o naszych klientach sprawiamy, że bankowość staje się bezpieczna, przyjazna i bliska. Na wiele sposobów dbamy o well-being i komfort naszych pracowników. Tworzymy otwarte miejsce pracy, w którym każdy jest mile widziany – bez względu na wiek, płeć, pochodzenie, stopień sprawności czy inne przesłanki. Dołącz do nas. Mamy tytuł najlepszego pracodawcy, a w naszych procesach rekrutacji wszyscy kandydaci są traktowani z szacunkiem i mają równe szanse.

Scroll to the company’s profile