Information Security Specialist supporting operational execution of ISMS lifecycle tasks in Budapest. Collaborating with stakeholders for risk assessment and management activities.
About the role
- Security Architect designing and reviewing security architecture for financial institutions. Leading enterprise security projects and collaborating with technology teams to enhance security measures.
Responsibilities
- Support multiple leading-edge projects to design and review existing security architecture, identify security threats and risks, and recommend enhancements.
- Report to the Director of Enterprise Architecture with a dotted line reporting to the Director of Information Security.
- Perform a leadership role in the planning and design of enterprise security architecture.
- Coordinate with system owners, control providers, and other stakeholders on the allocation of security controls as system-specific, hybrid, or common controls.
- Perform threat modeling and risk assessments based on legacy or new environments using organizational guidelines or established industry frameworks.
- Identify technical and procedural controls to mitigate newly identified threats and risks.
- Participate in technology and architecture governance forums to ensure adherence to standards.
- Be part of the Enterprise Architecture team to review and implement security architecture best practices across the organization.
- Collaborate with other architects, technology team members, and business stakeholders on various initiatives.
- Work with external vendors on technology evaluation, selection, and implementation.
- Recommend adjustments to Information Security and Enterprise Architecture policies and standards as necessary.
Requirements
- University degree in computer science (or equivalent)
- 10+ years relevant experience in a large-scale IT environment with 5+ years in Security Architecture
- One or more of the following certifications preferred: (ISC)2 - CISSP, GIAC - GSEC, GCIH, GCIA, GCFE, GWAPT or GPEN
- Technical certifications in Cloud Platforms such as Azure (e.g., Cybersecurity Architect) and/or AWS (e.g., Certified Security Specialist)
- Experience with API technology, e.g., API gateways, Enterprise Service Bus, and microservices
- Strong understanding of API driven authentication and authorization using OIDC, OAuth, JWT, and integrating with other identity providers
- Experience with multi-cloud API standardization with both cloud agnostic and cloud native technologies
- Strong understanding of container and service mesh technology, e.g., Kubernetes/AKS, Istio, etc.
- Strong understanding of certificates and encryption used for securing transmissions and signing tokens.
- Experience with Architecture and Security Architecture frameworks, e.g. SABSA, Zachman, TOGAF
- Experience with Security assurance frameworks, e.g., ISO/IEC 27001, Trust Services Criteria/ SOC 2, NIST CSF, Cloud Security Alliance CAIQ/CCM
- Experience with financial services specific standards and frameworks, e.g., ISO 20022, FAPI, OSFI, BCFSA, SWIFT, Payments Canada SLDs, etc.
- Demonstrated ability to communicate, collaborate and influence across the organization including Product, Technology, Operations and outside of the delivery organization, including partners, vendors, and client organizations.
- Passion for innovation and “can do” attitude including ability to work under pressure and adapt easily to changing priorities and business needs.
- Ability to build deep technical relationships with other technology team members.
- Previous experience at financial institutions an asset.
Benefits
- Work-life flexibility
- Hybrid work environment
- Variable annual incentive plan
- Generous annual vacation allotment
- Top-notch flexible benefits plan including family building and gender affirmation
- Retirement Plan, matched contributions at 6%
- Access to a learning platform and educational assistance support
- Access to a virtual wellness platform
- Career development opportunities
- Wellness Flex Fund to support personal interest and activities
- Day off to volunteer in your community and other paid time off options
- Corporate discounts *subject to employment agreement
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Information Security Specialist responsible for ISMS lifecycle tasks at ALDI. Collaborating with stakeholders on risk assessment and treatment activities while ensuring effective governance.
Client Security Manager at Atos delivering security requirements for clients and supporting Information Security strategies. Engaging with client security organizations and managing security incidents and compliance.
Information Security Officer responsible for cybersecurity strategies and compliance in an IT service provider for food and beverage industry. Developing security standards, managing incidents, and collaborating with leadership.
Security Engineer providing application security guidance for YUM! e - commerce and mobile apps. Collaborate with teams to identify and remediate security vulnerabilities effectively in various applications.
Senior Security Engineer responsible for implementing security systems and conducting incident response at Emburse. Collaborating with teams to identify and mitigate security threats.
Cybersecurity Engineer guiding systems through the Risk Management Framework at Skyward Federal. Ensuring compliance with DoD cybersecurity requirements and maintaining secure technologies.
Account Executive driving new business growth for Strider Technologies via strategic client relationships. Transforming open - source data into actionable insights to protect from nation - state risks.
Cybersecurity Intern at Thndr. Gain hands - on experience in securing cloud - native infrastructure and applications while collaborating with senior security engineers.
Security Engineer ensuring core security in product development at Trustly. Collaborating with teams on security practices and automating controls.