Security Architect

WROCŁAW

Our Center of Excellence in Wrocław has a strategic role in creating innovations and working with cutting-edge technologies to support Intrum growth worldwide. We are happy to announce a new opportunity to join our team in Wrocław and become a part of a large international company as Security Architect.

Purpose of the job:

The security architect plays an integral role in defining and assessing enterprise security strategy, architecture and practices. The security architect will have a special focus on selected areas within Information Security, namely DevSecOps and Cloud infrastructure security, as well as Access and Identity Management for end users and privileged users. The security architect is also an integrated member of the Group Information Security team, working within all information security diciplines.

Responsibilities:

  • Develop and maintain an enterprise security architecture model for DevSecOps and use of cloud intrastructure services that enables the enterprise to utilize modern technogy offerings in an efficient, secure and compliant manner.
  • Develop and maintain an enterprise security architecture model for identity and access management that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers.
  • Develop and maintain security architecture models, templates, standards and procedures that can be used to leverage security capabilities in projects and operations.
  • Participate in application and infrastructure projects to provide security-planning requirements, advice and methodology.
  • Model and develop business cases for alignment and automation of procedures within access and identity management, cloud infrastructure security, and SecDevOps utilization.
  • Owner of the internal security roadmap for access and identity management, cloud infrastructure security, and SecDevOps utilization.
  • Member of the Group Information Security team, participating in security monitoring, risk and compliance management for IT and information security.
  • Draft security procedures and standards to be reviewed and approved by management and/or formally authorized by the CISO.
  • Determine baseline security configuration standards for and identity and access management (IAM), including public and internal APIs.
  • Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable.
  • Ensure that the organization’s requirements for single-sign on and use of two-factor authentication for internal and external applications is well known, supported by security technology and taken into use by the organization.
  • Review and evaluate the design and operational effectiveness of security-related controls.

Requirements:

3-5 years of experience from a broad variety of information security diciplines, or as information security architect.

3-5 years of experience in at least one of the following areas:

  • Direct, hands-on experience in secdevops processes and secure use of cloud infrastructure
  • Direct, hands-on experience of working with IDM/IAM systems, SSO/federation systems or secure API management
  • Direct, hands-on experience facilitating access management or access review processes, including alignment with internal second or third line functions

Working knowledge of IT service management (e.g., ITIL-related disciplines):

  • Change management
  • Configuration management
  • Asset management
  • Incident management
  • Problem management

Full-stack knowledge of IT:

  • Applications
  • Databases
  • Operating systems — Windows, Unix and Linux
  • Hypervisors
  • IP networks — WAN and LAN
  • Storage networks — Fibre Channel, iSCSI and NAS
  • Backup networks and media

Strategic planning skills — The enterprise security architect must interpret business, technology and threat drivers, and develop practical security roadmaps to deal with these drivers.
Communication skills — The enterprise security architect will be required to translate complex security-related matters into business terms that are readily understood by colleagues. The enterprise security architect should anticipate presenting analyses in person and in written formats.
Financial analysis — As part of the due diligence of security technologies, the enterprise security architect will be expected to evaluate the financial costs of recommended technologies. Specifically, the enterprise security architect will need to quantify purchasing and licensing options, estimate labor costs for a given service or technology, and estimate the total cost of operation (TCO), the ROI, or the payback period for services or technologies replacing existing capabilities.
Project management — Security services and technology implementations will require solid project management skills. The enterprise security architect will be expected to draft project plans for security service and technology deployments and coordinate with stakeholders across the organization.

What do we offer?

  • Flexible working hours
  • Possibility of remote work
  • Private medical care (Lux Med) Benefit program (including Multisport card)
  • Life insurance Competitive salary (creative work included)
  • Multinational environment
  • Relax zone with available PlayStation and table football
  • Kitchen full of coffee, tea and juices
  • Team building events

We are waiting for your application: igt.recruitment.pl@intrum.com

The privacy policy for candidates.