Apply now »

Cloud Security Architect

Date:  05-Aug-2022
City:  Warsaw
Company:  GFT Technologies SE

 

Job Description:

 

As a Cloud Security Architect you will be responsible for defining and developing the overall IT security architecture of cloud deployments for GFT customers and GFT internal projects.

 

You will advise to GFT customers in implementing security requirements and help the stakeholders in any affair concerning cloud security. You will be responsible for managing security assessments to determine cloud security condition. You will be supposed to keep updated on the latest security threats and cloud technologies.

 

Equally to the above responsibilities, you will take part in defining GFT security portfolio and build internal cloud security knowledge base. You will participate in reviews of cloud security products to provide technical guidance on where GFT offering should follow in mid- and long-term.

 

Involvement to customer’ projects: 80%

Involvement to internal projects: 20%

 

The target involvement can vary and change in the course of time, depending on the current customers’ demands.

 

 

Main job tasks and responsibilities:

 

  • Supporting customer stakeholders in any affair concerning cloud security topics
  • Designing a security architecture for cloud deployments, minimum safeguards, introduce security baselines
  • Providing deep technical advisory to the customers and internal teams to follow the best cloud security practices
  • Deploying and maintaining 3rd party security products in cloud environments for GFT customers
  • Evaluating cloud security posture in customers’ deployments with the use of automation or manually
  • Contributing to the Global Security Practice in building common knowledge base on cyber security/information security
  • Conducting risk, network and vulnerability evaluations against defined security requirements
  • Contributing to the compliance evaluations against internal and external financial regulations that touch cloud deployments
  • Support internal IT teams in implementing security requirements security good practices
  • Researching for latest cloud security threats, analyse the current situation and provide feedback for internal cloud security knowledge base
  • Provide the solutions or workarounds to mitigate the risks

 

 

Education and Skills:

 

  • A Bachelor in Computer Science or similar
  • At least 8 years of experience in IT required
  • At least 5 years of experience in IT Security required
  • Good English written/verbal communication skills
  • Being familiar with the basic security concepts: CIA triad, SoD, least privileses, need-to-know, defence-in-depth, open-design, AuthZ, AuthN, RBAC, fail securely, avoid “security by obscurity”, data security "at rest” and  “in-trasit”
  • Deep architectural knowledge in the area of at least one of the leading cloud providers is needed (Azure, GCP, AWS); hybrid/multi-cloud integrations’ knowledge would be highly appreciated
  • Demonstrated understanding of IT Security domains: security and risk management, asset security, security architecture and engineering, communications and network security, identity and access management, security assessment and testing
  • Knowledge of Cloud Security Posture Management systems or Containerization Cloud Computing solutions (eg. Kubernetes) would be of great advantage
  • Hands-on experience in DevSecOps, SSDLC, CI/CD security pipeline would be of great advantage.
  • Cross-sectional knowledge of the basics of security technology is required: SIEM, SOAR, IDAM, DLP, IAM, PIM/PUM, BDS; hands-on experience with the usage or deployments of at least one of those would be of a great advantage
  • Hands-on experience with any of kind of frameworks supporting “Infrastructure-as-code” and “Compliance-as-code” is highly appreciated
  • Knowledge of IT security frameworks and standards is required (ISO2700x, CIS Benchmarks, NIST).
  • Good understanding of the primitives of cryptography and key management best practices
  • Completed certification in on or more enlisted cloud security paths, will of advantage:
    • CCSK by Cloud Security Alliance (CSA)
    • CCSP by (ISC)2 and the Cloud Security Alliance (CSA)
    • AZ-500 by Microsoft
    • SCS-C01 by AWS
    • PCSE by Google
  • Certification in CISSP or CASP+ will be of advantage
  • Knowledge of recommendations from Polish Financial Supervision Authority on IT/IT Security matter would be of great advantage
  • Good presentation skills to provide clear and supportive information to non-technical audience
  • Ability to work autonomously and to lead tasks assigned from the beginning to the end. It’s a must have skill for this position
  • Problem solver, not a trouble maker definitely needed
  • Being able to work with many tasks at the same time
  • Good team skills, open for other cultures

 

 

We offer you:

 

  • Working in a highly experienced and dedicated team
  • Competitive salary and extra benefit package that can be tailored to your persona;te medical coverage, sport & recreation package, lunch subsidy, life insurance, etc.)
  • Permanent or B2B contract
  • On-line training and certifications fit for career path
  • Free on-line foreign languages lessons
  • Regular social events
  • Access to e-learning platform
  • Ergonomic and functional working space with 2 monitors (you can also borrow monitors and office chair for your home office)

Apply now »