Description
On behalf of our client, an international financial institute, we are looking for external support with skills and abilities as stated below.
IT Security Engineer (f/m) financial area Luxembourg P111
Job role: IT Security Engineer (f/m)
Field of Activity
Investment Funds Service (IFS) IT section builds, maintains and operates a portfolio of applications which provide clients state of the art solutions to standardise fund processing, and to increase efficiency and safety in the investment funds sector.
Our global funds processing platform Vestima allows for reaching all types of funds, from mutual funds to ETFs and hedge funds.
Division/Section
Investment Fund Services IT, Analysis, Architecture & Project Management
Task/Responsibilities
As part of a working group acting in the domains of infrastructure, security and architecture, you will take responsibilities in a broad range of security engineering activities covering the entire IFS IT landscape.
Your assignments will include:
Analysing and documenting the security of the IT system and application landscapes, along the criteria defined by the corporate Information Security department.
This includes parts of landscape newly acquired from external companies. Your action typically ranges from operating systems to Web applications, and includes third-party software and public Cloud services
Engineering, documenting and promoting innovative solutions for the information security risks identified in the scope of projects or applications; reporting on the existing open risks
Interacting with the IT teams in charge of development, infrastructure, administration and operation, as well as with third-party vendors, in order to collect/communicate security-related information
Going hands-on with the IFS IT systems so as to extract necessary security design information when it is not readily available
Acting as the main IT security point of contact for specific projects; reporting to the Project/Release Manager
Managing the interaction with the corporate Information Security department; ensuring that the information security compliance processes are adequately defined and enforced
Analysing and driving the remediation of information security vulnerabilities; analysing relevant third-party patches and defining appropriate regression test cases and promotion processes
Handling information security enquiries coming from customers, corporate Information Security or internal/external auditors
Qualifications/required skills
Must have:
University Degree (or equivalent) in computer science, with at least 5 years professional experience in IT
Sound experience with critical enterprise information security design as architect, security engineer or full-stack application designer
Solid background understanding of base security concepts such as encryption, authentication, access control, signature, data integrity
Very good understanding and practical experience of TLS and public-key cryptography
Practical experience with the following technologies: Linux, Windows, Shell Scripting, RDBMS, Messaging Middleware, Web server
Ability to digest various abstract requirements in the field of security, and map them to practical situations
At least basic software development skills in a modern object-oriented programming language
Good communication skills with the ability to justify and challenge security design decisions
Proficiency in written and spoken English; French and German language skills are an asset
Highly desirable:
Professional experience with application software development, esp. using Java and Go
Experience with the specific security challenges posed by Internet-facing Web applications
Experience with identity management/federation/SSO platforms, esp. OpenAM
Experience with public Cloud services, esp. Microsoft Azure
Experience with regulatory requirements and concerns: risk assessment, data protection
Assignment:
Fulltime (100%)
Duration: 3 months (optional extension)
Start: 1st of August 2018
Location: Luxembourg
Please let us know if this project is of interest for you and when you are available.
Best regards
Andy
GDPR:
You are interested in this project and would like to send us your CV?
Due to the General Data Protection Regulation (GDPR), we would like to ask you to give us your written consent to the permanent storage of your data in your email. We use your data exclusively for the purpose of our staffing activities.
Of course, you have the right to information, correction, blocking or deletion of your data at any time.
Template: I agree to the permanent storage of my data. I know that I have the right to information, correction, blocking or deletion and can revoke this consent at any time".