Senior IT Security Officer

at  Avaloq

Company Description
Founded and headquartered in Switzerland, Avaloq is continuously expanding its global footprint with around 2,500 colleagues in 12 countries, and more than 160 clients in 35 countries. We are an industry-leading provider of wealth management technology and services for financial institutions around the world, including private banks and wealth managers, investment managers, as well as retail and neo banks. Our research led approach and continual innovation is powered by the passion and creativity of our colleagues.
We are always looking for talented people to join us on our mission to orchestrate the financial ecosystem and democratize access to wealth management. Avaloq offers the opportunity to work closely with some of the world’s leading financial institutions as we jointly develop and shape careers. Championing a collaborative, supportive and flexible work environment empowers our colleagues to reach their full potential.
Job Description
You will be part of a well-established international team in Information Security focused on Cloud Security Architecture, Security Tooling Engineering and Automation.
Your role will contribute to the success of the team and the Company.

QUALIFICATIONS

• Bachelor graduate or Post-graduate in Computer Science, Engineering, Information Security, Computer Engineering, Information Technology, or a related field.
• Minimum 7 to 10 years of experience in a similar role
• Ideally previous work experience in a bank, financial institution, or consulting company, preferably with a focus on Information Technology or Cyber Security
• Knowledge of common attacks, web protocols, TCP/IP, firewalls, cryptography, and operational security tools and practices with hand-on experience on Linux OS platform.
• Knowledge of security solution and controls like Network Firewall (Security Groups), IPS (Intrusion Prevention Systems), DDOS systems, WAF (Web Application Firewall) and HTTP Proxy.
• Experience in Cloud platforms. Knowledge of OCI (Oracle Cloud Infrastructure) will be valuable.
• Experience in managing the following security products: Tenable, Splunk, PAM Solutions
• DevSecOps skills (Terraform, GitHub, Containers, Microservice, Serverless function, Cloud technologies).
• Strong problem solving, organizational and time management skills. IT and MS Office suite skills are strongly recommended.
• Calm and logical approach during a critical event with ability to report and explain to Management.
• Strong documentation and training skills.
• Demonstrates the ability to influence others through strong written and verbal communication, maintaining cooperative relationships at all levels of the organization, despite differing perspectives.
• Must have a minimum of one of the certifications from (ISC)2 CISSP, ISACA’s CISA, CISM, product certifications for Tenable, Splunk, PAM Solutions, Cloud Security certification (AWS, Azure, GCP or OCI).

• Support Cloud & Infrastructure Organization by reviewing and analysing Network, Systems, and Application architectures to enforce and validate Security requirements.
• Leads Threat Model exercises for new services/major changes.
• Actively Collaborate with your team members to support them on daily operations, including:
• Review of IT infrastructure solution designs to ensure compliance with policies and standards.
• Operational implementation, Automation, and ownership of Security Tools
• Assist in deploying automation of operational processes and procedures, identify weaknesses, propose, plan, and deploy improvements to address and enhance the infrastructure design.
• Support and maintain the APAC’s Information Security Management System (ISMS) to assure continuous compliance with regulations, laws, and contractual obligations by adopting and deploying industry and market standards and accepted best practices.
• Be on routine standby to support the team.