#

Lead Information Security Expert

Luxoft Poland Sp. z o.o.

Remote Poland, małopolskie

Luxoft Poland Sp. z o.o.
- All stages in our recruitment process can be done remotely -

Lead Information Security Expert

Location: Remote Poland
PROJECT DESCRIPTION

Bank has begun a major business and technology programme to adopt public cloud services, including announcing a ten-year partnership with Google.

One critical success factor for this cloud adoption is to ensure that the Bank's use of cloud services is secure. Therefore the Bank's security team, the Chief Security Office, has set up a Cloud Security Enablement programme to embed security into its cloud environments, and integrate into its overall range of information security capabilities.

Within Cloud Security Enablement, one team is focused on Cloud Security Engineering. This team specialises in developing in-cloud security controls, using "infrastructure as code" and "policy as code" techniques, and a mix of cloud-native and third party solutions.

The majority of the team's work is currently in Google Cloud Platform, with a small proportion in Microsoft Azure.

The team began in the UK and is now expanding in Bucharest. It reports functionally to the Cloud Security Engineering lead in the UK.

This role will be the first Bucharest team member, will assist in building the team in that location, and will act as the senior member of the local team.


RESPONSIBILITIES

In this role you will be:

  • Developing and enhancing security controls in Deutsche Bank's Google Cloud and Microsoft Azure infrastructure - these controls are the security components of the Bank's "control plane" for each cloud service provider
  • Developing features that help implement Deutsche Bank's security reference architectures for Google Cloud and Azure.
  • Consulting with information security specialists in the Chief Security Office, and other infrastructure and application development teams across the Bank internationally, to understand their requirements for in-cloud security solutions
  • Delivering features iteratively, using sprints and a backlog of tasks
  • Using infrastructure-as-code techniques and CI/CD automation, via tools such as Terraform
  • Using policy-as-code tools and techniques to specify security rules that are enforced both at build time (during the CI/CD pipeline, and with cloud-native tooling) and at run time (to detect deviations from policy, using third party and cloud-native tooling)
  • Delivering in-cloud features that can be integrated with on-premises security capabilities, in areas such as access management, security logging and monitoring, and network security - so that the Chief Security Office can effectively secure and monitor its cloud infrastructure and applications, as well as its on-premise technology
  • Acting as an internal expert in the native security features of the Cloud Service Providers, to advise other teams on options for improving and maintaining security
  • Collaborating with other team members, and members of the wider engineering community in the Bank, on improvements to cloud engineering tooling and ways of working
  • If required, acting as the security engineer embedded for a period in another application development team, working directly on developing cloud security controls for that application.

This is mostly a hands-on engineering role, not a pure management role. However, as the senior member of the local cloud security engineering team, you will also be:

  • Acting as the local line manager for the team
  • Assisting the Cloud Security Engineering lead to interview and select other local team members
  • Introducing new team members to the ways of working of the team and the local office
  • Providing technical supervision and mentoring of local team members
  • Assisting the Cloud Security Engineering team lead with setting objectives and managing performance for the local team
  • Providing management status reporting

SKILLS

MUST
  • Experienced software engineer
  • Experienced in setting up and using public and hybrid cloud infrastructures
  • Experienced in information security, through previous work in consultancy or corporate roles
  • Leading and mentoring a team of software and/or security engineers
  • Agile software/systems development
  • Google Cloud Platform engineering and security

  • Degree-level IT and/or information security qualification, or equivalent experience

  • High quality written and spoken English
  • Google Cloud Platform
  • Terraform
  • CI/CD tools and techniques

NICE TO HAVE
  • Microsoft Azure engineering and/or security
  • Working in an international, complex, matrix-management organization
  • Working with audit, control and risk functions in a regulated organization

  • Information security certification

  • Cloud infrastructure, architecture or security certification
  • Microsoft Azure
  • Terraform Enterprise / Sentinel
  • CI/CD tools
  • VCS (Github and/or Gitlab)
  • Cloud Security Posture Management tools
  • Behaviour Driven Development (BDD) principles and practices, such as Cucumber and Gherkin
  • Typescript
  • Secrets Management in cloud platforms
CAREER AND PROFESSIONAL DEVELOPMENT
  • Competitive salary
  • Luxoft Training Center
  • Access to e-learning Library
  • Individual development plans
  • Long-term cooperation with possibility to gain experience in different projects and technologies
  • A significant number of professional communities (Agile Community, Tech Community, Business Analysis Community, etc.)
Well-being
  • Group Life Insurance
  • Private healthcare insurance – LuxMed. Unlimited access to specialist consultations with Dental Care included
  • Medical costs reimbursement for employees (up to certain amount per quarter)
  • Travel Insurance
  • Benefit Program - Cafeteria and Multisport Card
Work-Life Balance
  • Various communities (sport, recreation activities, trips, board games, cultural and educational activities)
  • Discounts program for employees – BeLux (banking offer, car leasing offer and cafeteria program discount)
  • Convenient locations in a modern offices with game rooms
  • Multinational projects for clients all over the world
Please apply with the button on the right side of this job offer.
We kindly inform you that we will contact only chosen candidates. If you are interested in the above position, please apply by submitting your CV in English

Check out our open roles at career.luxoft.com
and follow us on Facebook!
www.facebook.com/luxoft.poland

Czy chcesz otrzymywać oferty pracy na podobne stanowiska?

Utwórz powiadomienie e-mail
Zapisz mnie

Zapisani kandydaci otrzymują informacje jako pierwsi.

Podziel się ze znajomymi