IT Security Architect

About position

Form of employment: contract of employment

Location: Warsaw (hybrid or remote work)

Salary: 14 000 - 21 000 PLN gross

Unit: Centre of Expertise - IT Security

General information:

Join our security architecture team and work with vendor and supplier management for security aspects, including contract negotiations. You will enforce of security measures within the contract and on-site/off-site audits according to DORA audit requirements. In this position you will research and apply innovative security architecture solutions to new or existing problems and justify and communicate design decisions. 

Your responsibilities

• interacting with senior stakeholders up to an organisational or inter-organisational level
• reaching and influencing a wide range of people across larger teams and communities
• researching and applying innovative security architecture solutions to new or existing problems and being able to justify and communicate design decisions
• working on projects with high strategic impact, understanding the impact of decisions, balancing requirements and deciding between approaches
• producing particular patterns supporting secure and resilient solutions and supporting quality assurance
• leading the technical design of systems and services
• vendor/supplier management for security aspects, including contract negotiations, enforcement of security measures within the contract and on-site/off-site audits according to DORA audit requirements

Our requirements

• demonstrated understanding of Cybersecurity domains: risk management, IT asset security, security architecture and engineering
• knowledge of modern security architectures for both cloud and on-premise deployments
• good understanding of current IT security frameworks and standards
• knowledge of current regulations and their finance-sector specifics is a must (DORA, PCI-DSS, Recommendation D, UKNF communication on information processing using public or hybrid cloud, UKSC, RODO/GDPR)
• understanding of both symmetrical and asymmetrical cryptography
• hands-on experience with public cloud providers, preferably  Microsoft Azure and Google Cloud Platform and their built-in security measures
• excellent communication skills (ability to translate business requirements into IT product, presenting ITSec solutions during IT Architecture Boards, explain complex technical aspects to non-technical audience etc.)
• experience in internal cybersecurity reviews (whitebox methodology) at infrastructure, application and process level
• hands-on experience in vendor/supplier management for security aspects, including contract negotiations, enforcement of security measures within the contract and on-site/off-site audits
• required mobility for security assessments of service providers/suppliers  
• understanding of Data Center security aspects (valued knowledge of security standards like: TIA 942-B Tier 3 standard or [PN]-EN 50600 - Data centre facilities and infrastructures or other appropriate standard with similar requirements)  
• fluent English & Polish languages skills (at least C1 equivalent)

nice to have

• understanding of principal security processes like Vulnerability Management, Security Event Monitoring, Secure (Hardened) Configurations, Incident Management/Response etc.
• understanding of principal ITIL processes like Change Management, Incident Management, Knowledge Management, Access Management etc
• security certificates line CISA, CISM, CISSP etc.
• experience in enterprise threat modelling and risk assessments

Our offer

• We invest in development - we offer co-financing for training and courses as well as access to educational platforms: Udemy Business, eTutor, and an internal e-learning platform. We also offer development internships and consultations with career advisors.
• We care about health and safety - we offer a medical package and life insurance for you and your loved ones, access to the Mindgram platform with individual consultations with specialists and webinars. While working at ING, you have the opportunity to join the Employee Pension Program and the Oncological Prevention Program.
• In practice, work life balance means additional days off: "family day" (it's up to you how you use it), days off in the form of rewards and free hours for volunteering or health prevention.
• For parents, we have additional days of maternity and paternity leave and days off for child care, regardless of the limit used by the other parent.
• By joining us, you decide to work in a stable organization focused on comfortable working conditions with a Top Employer certificate. The future is our joint investment - together with ING you can get involved in any initiative supporting ESG and social responsibility.
• You decide what equipment you work with. We provide each employee with the necessary equipment for work, but if you want to work on a laptop or smartphone of your choice, which you will also use for your private purposes, we provide such an opportunity. We offer a refund and discount program on selected purchases.
• We celebrate together and get to know each other during team trips, family and sports events, such as Children's Day, Run Warsaw or sports tournaments.
• Green office spaces for work and meetings, as well as places to relax - all at your disposal.