Requirements

Your responsibilities

• being responsible for translating security requirements into service portfolio that will help to establish the scope of security architecture function
• contributing to development and implementation of security architecture process into process portfolio and ensuring effective and efficient collaboration as well as enforcement of security architecture principles
• supporting analysis and assessments of the current technological landscapes, discovering gaps, deficiencies and recommending design or implementation improvements
• translating information security policies into a technical security control framework and security architectural blueprints, communicating these to the projects and stakeholders
• participating in definition, prototyping and continuous development of ERGO security reference architecture, methodology, models and security controls; aligning requirements from the architecture teams, technology teams and Global IT Security colleagues
• supporting and/or consulting implementation of security architecture
• managing stakeholder relationship by working closely with business stakeholders, domain leaders, process owners and third-party suppliers
• ensuring that projects and solutions incorporate secure by design principal and that IT security is embedded at early stages of the development process
• challenging the status-quo, service landscapes and security solutions in order to improve the adherence with security principles as well as policies and standards
• reviewing existing architectures in the projects and assessing the security maturity and compliance levels, with the goal of jointly identifying potential short- and long-term improvement

Our requirements

• fluency in English and Polish (C1)
• proven knowledge of international security standards and methodologies as well as additional qualification (CISSP, CISA, CISM, SABSA, TOGAF or equivalent)
• at least 5 years of experience working in enterprise environment and 2 years of experience working as a security architect or similar position
• hands-on experience and superior technical knowledge in at least two of following technologies: Windows, Linux/Unix, Networking, Databases, Middleware, CI/CD, Containerization/K8S, Public cloud (AWS, Azure, GCP)
• ability to translate business requirements into technical solutions
• presentation skills including ability to present and explain complex cybersecurity solutions to non-technical audience (including C-level management)
• good analytical and conceptual skills
• excellent experience in security solution evaluation (e.g. Proof of Concept) and recommendation
• ability to build authority and form strong relationships
• ability to deal with ambiguity while working in a continually changing environment under indirect supervision
• education degree related to IT or Security