What will you contribute? Do you find the financial services world interesting? Do you believe that the banking, as it today, has a potential to mature further in security?
Would your friends say that your employer is lucky you are on the good side of the law? Do you like to explore new technologies and mitigate evolving threats?
If you answered YES to all questions, this position is for you! You will lead the technical product and data security aspects of Finastra's payments solutions.
You will partner with the product, engineering, risk, legal, and ops teams to enhance the information security posture of the payments products.
You will report directly to Head of Product & Data Security. Responsibilities & Deliverables : Your deliverables will include, but are not limited to, the following : Work with the Enterprise Architects to lead the design of secure architecture of the solutions developed by the Treasury and Capital Markets line of business.
Enhance the secure development lifecycle and automated security testing as part of the CI / CD pipelines. Perform threat modeling, design reviews, peer code reviews as part of the secure development lifecycle.
Continuously assess the application security maturity and build enhancement plans by utilizing OWASP SAMM and BSIMM. Work with the Chief Risk Officer and Chief Information Security Officer teams to provide visibility into the security risks and align with the corporate standards.
Educate and empower the security champions within the engineering teams. Required Experience : Bachelor’s Degree in Computer Science or related field.
Equivalent work experience will be considered. Software development background of 5+ years. Ability to articulate security requirements for build and delivery pipelines.
Recent experience of technical security leadership for a payments or online company is required. Experience working with fin-tech companies and financial institutions is desirable Advantage expertise in Microsoft Azure services, such as AKS, DevOps, Front Door, Application Gateway, etc.
Soft skills - effective communication (internal, customer, legal counsel), collaboration (internal, external) and effective written skills (white papers, vulnerability specifications etc.
Active participation in cybersecurity forums / conventions, e.g. DEFCON, Black Hat. Public speaking is a plus