The candidate will join one of the largest banking institutions in the world.
Global Cybersecurity Operations (GCO) provides a coordinated suite of “Network Defence” services responsible for detecting and responding to information and cybersecurity threats to our assets across the globe and is under the management of the Head of Global Cybersecurity Operations. This includes dedicated functions for the monitoring and detection of threats within the global estate as well as Cybersecurity Incident Management and Response activities. These two principal functions are supported by additional internal GCO capabilities: Cyber Intelligence and Threat Analysis and Cybersecurity Technology Operations. Critical to the success of GCO is its close partnership with sister Cybersecurity teams, IT Infrastructure Delivery and Global Business and Function clients. The overall GCO mission is placed under the purview of the Group Chief Information Security Officer (CISO).
The GCO Engineering team’s mission is to solution, design, build and deploy various security tooling aligned to our Security Operations Centre. The team is responsible for building solutions that are enterprise class, meet the requirements of our M&TD & IM&R teams and are resilient. The team also ensures there is adequate monitoring to proactively detect system failures and manages the performance and capacity of the platforms on an ongoing basis. This mission is critical to the protection of our customers, our brand, shareholder value, as well as our information and financial assets.
- Designing, building and deploying security tooling within various cloud platforms, specifically AWS, Azure & GCP
- Building integration for cross-cloud connectivity SIEM (Security Information and Event Management) platforms
- Works independently, mentors peers and is asked to function as Lead Engineer on projects
- Responsible for design, development, migration and hands-on implementation of Azure Security, Azure IaaS and PaaS cloud solutions
- Participate in planning, implementation, and growth of our Microsoft Cloud foundational footprint as it pertains to security tooling
- Work closely with other architects and engineers to recommend, design and implement solutions that effectively reflect our SOC business needs, security, and service level requirements
- Managing and owning the relationship with the Cloud platform teams and ITID infrastructure delivery teams to support a collaborative and effective security focussed partnership.
- Train, develop, mentor and inspire cybersecurity colleagues in area(s) of specialism.
- Collaborate with the wider Cybersecurity and IT teams to ensure that technological remain fit for purpose.
- Promote a “self-critical” and continuous assessment and improvement culture whereby identification of weaknesses in the bank’s control plane (people, process and technology) are brought to light and addressed in an effective and timely manner.
- Supporting a “self-critical” culture whereby identification of weaknesses in the bank’s control plane (people, process and technology) are brought to light in an effective manner and addressed.
- Excellent cloud systems engineering skills, insatiable curiosity and an innate drive to win.
- Strong problem-solving and trouble-shooting skills.
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
- Developed external peer network for sharing intelligence
- An understanding of business needs and commitment to delivering high-quality, prompt and efficient service to the business.
- An understanding of organisational mission, values and goals and consistent application of this knowledge.
- Self-motivated and possessing a high sense of urgency and personal integrity.
- Highest ethical standards and values.
- Experience defining and refining operational procedures, workflows and processes to support the team in consistent, quality execution of monitoring and detection.
- Good understanding of cyber security principles, global financial services business models, regional compliance regulations and laws.
- Good understanding and knowledge of common industry cyber security frameworks, standards and methodologies, including OWASP, MITRE ATT&CK, ISO2700x series, PCI DSS, GLBA, EU data security and privacy acts, FFIEC guidelines, CIS and NIST standards.
- Good communication and interpersonal skills with the ability to produce clear and concise reports for targeted audiences across internal and external stakeholders.
- Ability to speak, read and write in English, in addition to your local language.
- At least 5 years’ experience building and tuning highly available infrastructure in any of the cloud environments AWS, Azure or GCP
- Deep understanding of current AWS, Azure, GCP capabilities, limitations, and costing methodologies;
- Hands-on experience designing effective and scalable security strategies using IAM roles/policies;
- Hands-on experience with AWS, Azure & GCP foundation services related to compute, network, content delivery, administration and security, deployment and management, automation technologies.
- Lead the design, implementation, testing, documenting of infrastructure technologies with varying degrees of hands-on execution tasks.
- Ability to build architectures and provide prescriptive guidance across network, storage, operating systems, virtualization, RDBMS & NoSQL databases, mid-tier technologies that include application integration, Streaming, in-memory caches, and security.
- Ability to facilitate architecture decisions related to AWS, Azure & GCP services (Route 53, ELB, EC2, ECS, SQS, SNS, CloudWatch, Lambda, Dynamo DB, Kinesis, etc.)
- Experience with core Google Cloud services including Compute, IAM, VPC, Cloud Run, and GKE.
- Experience working with container and serverless technology.
- Strong experience in building and deploying applications on the Cloud, using CI/CD frameworks and Infrastructure automation.
- Expert level of knowledge and demonstrated experience of common log management suites, Security Information and Event Management (SIEM) tools for the collection and real-time analysis of security information.
- Expert level knowledge of one or more leading Cloud platforms including Microsoft Azure, Amazon Web Services, Google Cloud Platform and Alibaba Cloud.
- Expert level knowledge of security event logging, monitoring, detection and response on one or more of the leading Cloud platforms using tools and native capabilities such as AWS GuardDuty, Azure Sentinel, Google Security Command Center and Alibaba Cloud Security Center.
- Excellent knowledge and demonstrated experience of common operating systems and platforms to include Windows, Linux, UNIX, Citrix, GSX Server, iOS, OSX, etc.
- Excellent knowledge of common network protocols such as TCP, UDP, DNS, DHCP, IP, HTTP, etc. and network protocol analysis suites.
- Functional knowledge of scripting, programming and/or development of bespoke tooling or solutions to solve unique problems.
They can offer:
- Excellent and positive work environment
- A stable role with a consistent set of responsibilities
- Career development prospects within the multi-national leading financial organization
- Private health care and employees’ benefits
- Sharing the costs of sports activities, foreign language classes, and professional training & courses; life insurance; retirement pension plan
Note: Prepare your CV in English (PDF), fill in the form, and apply!
Please include in your CV the following clause necessary for the recruitment process:
“I agree to the processing of personal data that I have made available voluntarily in the recruitment process by the Administrator of personal data, i.e. Dotcommunity Spółka z ograniczoną odpowiedzialnością [Ltd.] based in Cracow, 15 Żabiniec Street, 31-215 Cracow, registered in Poland, the Cracow’s District Court – Śródmieście, XI Commercial Division of the National Court Register under number 0000468484, VAT number: 9452174499, (“Dotcommunity”) in order to carry out the recruitment process for the (Cybersecurity Operations) Lead Cloud Systems Security Engineer position on the basis of Art.6 item 1a of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)”