FCI/SaaS Information Security Officer
Warsaw
rekrutacja online
35 dni temu
FCI/SaaS Information Security Officer
[online recruitment]
Location: Warsaw
Reference number: VR-58888
Project Description:

Luxoft is looking to hire information security officer position for SaaS (FCI) product offering, aimed at financial services organisations. The security officer oversees and coordinates security efforts across the SaaS offerings including departments such as corporate cyber security teams, information technology, legal, finance management and other groups, and identifies and establishes security initiatives and standards for all SaaS offerings. The Information security officer is responsible for planning, directing and coordinating the SaaS offerings' information security policies, setting procedures and guidelines to ensure that all information systems are functional, secure and safeguarded and are in compliance with privacy, customer trust and information security laws and regulations applicable to financial institutions. The security officer is responsible for working with key individuals throughout the organization to develop business cases for new security projects and in the risk assessment of existing and planned information systems.

Additionally, the Information security officer is responsible for providing leadership as well as insuring the technical and administrative support for the development of Disaster Recovery and Business Continuity programs for the bank. The role is hands-on

Responsibilities
  • Develop strategy on security for SaaS offerings and based on that, create/modify security policies, procedures and any other required artefacts
  • Identify gaps in SaaS offerings security architecture and create a plan to close the gaps by means of updated processes, procedures, industry certifications etc.
  • Lead the response to clients' questionnaire on SaaS offerings
  • Monitor access to all systems and maintains access control profiles on computer network and systems. Track documentation of access authorizations to all resources.
  • Develop and/or maintain appropriate Segregation of Duties within and across applications.
  • Research and investigate measures that address data security risks and potential losses for reporting purposes.
  • Work on determining acceptable risk levels for the enterprise and ensuring the IT environments are adequately protected from potential risks and threats.
  • Participate in development and implementation of the appropriate and effective controls to mitigate identified threats and risks.
  • Follow-up on detected security issues and implement solutions to reduce security risks
  • Assist in the research, development, communication, maintaining and working with the operational units on the enforcement of IT security architecture, policies, procedures, solutions and standards.
  • Oversee incident response planning as well as the investigation of security breaches, and assist with disciplinary and legal matters associated with such breaches as necessary
  • Support improved data security awareness and education including on-call availability.
  • Responsible for staying abreast of the latest industry security practices and technologies
  • Meet with clients and Business Owners to analyze, document and define requirements associated with new development or maintenance and enhancements to existing security roles and permissions. Review completed roles/permissions with users to ensure requirements are fully met.
  • Deliver services that meet regulatory specifications. Work with internal and external auditors to document and confirm that all security administrative duties are properly performed as well as demonstrate overall compliance.
  • Ensure project and client alignment with company security standards where applicable.
Skills
  • A Bachelors degree in computer science or related field, minimum 5+ years of progressive experience in information Security for SaaS offerings
  • Familiar with Cloud Security
  • Must be an intelligent and persuasive leader who can serve as an effective member of the senior management team and who is able to communicate security-related concepts to a broad range of technical and non-technical staff. Acting as a bridge between IT and business process owners.
  • In-depth knowledge and experience in the following information security areas:
  • Information security assessment and auditing procedures, from both technical and business perspectives, and the use of formal methodologies
  • Vulnerability scanning and auditing tools
  • Enterprise-scale network and host-based IDS architectures
  • Enterprise-scale firewall architectures
  • E-commerce application security
  • Computer investigation and forensics methods and technologies
  • Secure messaging architectures
  • Strong Knowledge of regulatory bodies, and the regulations and guidance issued by these bodies
  • Must possess strong project management and leadership aptitude; demonstrated professionalism in managing multiple projects and resources effectively.
  • Should have experience with business continuity planning, auditing, and risk management, as well as contract and vendor negotiation.
  • Outstanding communications skills - must be proficient communicating across all levels of the organization as well as building successful relationships
Our offer
Career and Professional Development
  • International projects for clients all over the world
  • Competitive salary
  • Individual development plan
  • Managerial Targeted Training programs
  • BRIDGE Mentoring Program
  • Luxoft Training Center
  • Language Classes
  • Self-learning online library
  • Global Relocation Program
  • Internal Mobility (a chance to gain experience in varied projects and technologies)
  • Professional communities for knowledge-sharing (Agile, Tech, Business)
Well-being
  • Group Life Insurance
  • Travel Insurance
  • Private Healthcare (dental care, unlimited consultations of specialist physicians)
  • Medical costs reimbursement for employees
  • Benefit Program (Cafeteria and Multisport Card)
Work-Life Balance
  • LuxGood Program (a wide range of health and well-being initiatives)
  • After-hours groups (sport, trips, board games, cultural activities)
  • Company and Team events
  • BeLux - discount offers program (banking, car leasing, other)
  • Convenient locations in modern offices
Career and Professional Development
  • International projects for clients all over the world
  • Competitive salary
  • Individual development plan
  • Managerial Targeted Training programs
  • BRIDGE Mentoring Program
  • Luxoft Training Center
  • Language Classes
  • Self-learning online library
  • Global Relocation Program
  • Internal Mobility (a chance to gain experience in varied projects and technologies)
  • Professional communities for knowledge-sharing (Agile, Tech, Business)
Well-being
  • Group Life Insurance
  • Travel Insurance
  • Private Healthcare (dental care, unlimited consultations of specialist physicians)
  • Medical costs reimbursement for employees
  • Benefit Program (Cafeteria and Multisport Card)
Work-Life Balance
  • LuxGood Program (a wide range of health and well-being initiatives)
  • After-hours groups (sport, trips, board games, cultural activities)
  • Company and Team events
  • BeLux - discount offers program (banking, car leasing, other)
  • Convenient locations in modern offices
Please send your CV with consent for processing your personal data for recruitment purposes using the below button
APPLY
Informujemy, że administratorem danych jest Luxoft z siedzibą w Krakowie, ul. Bora Komorowskiego(dalej jako "administrator"). Masz prawo do żądania dostępu do swoich danych osobowych, ich sprostowania, usunięcia lub ograniczenia przetwarzania, prawo do wniesienia sprzeciwu wobec przetwarzania, a także prawo do przenoszenia danych oraz wniesienia skargi do organu nadzorczego. Dane osobowe przetwarzane będą w celu realizacji procesu rekrutacji. Podanie danych w zakresie wynikającym z ustawy z dnia 26 czerwca 1974 r. Kodeks pracy jest obowiązkowe. W pozostałym zakresie podanie danych jest dobrowolne. Odmowa podania danych obowiązkowych może skutkować brakiem możliwości przeprowadzenia procesu rekrutacji. Administrator przetwarza dane obowiązkowe na podstawie ciążącego na nim obowiązku prawnego, zaś w zakresie danych dodatkowych podstawą przetwarzania jest zgoda. Dane osobowe będą przetwarzane do czasu zakończenia postępowania rekrutacyjnego i przez okres możliwości dochodzenia ewentualnych roszczeń, a w przypadku wyrażenia zgody na udział w przyszłych postępowaniach rekrutacyjnych - do czasu wycofania tej zgody. Zgoda na przetwarzanie danych osobowych może zostać wycofana w dowolnym momencie.

Poznaj

Luxoft

Why Luxoft?

Luxoft is built by Luxofters. Every member of our global team forms part of the backbone of our business, so we make sure to support the continual development of our dedicated workers. In addition, we build highly effective teams that are incubators of unparalleled accomplishment. The ethos guiding our investment into each and every Luxofter can be described by three words: we grow personally and professionally, we unite in team spirit and we lead on a global scale. We have a robust digital presence, so it is easy to become familiar with the company online. From participating in online events such as LoGeek Nights, listening to our TechTalk podcasts, reading Luxoft’s regular LoGeek Magazine, or honing your skills by joining one of our Luxoft Technology Series webinars, those interested in knowing more about Luxoft have numerous ways to get a feel for our company. Getting a vibe for Luxoft is only a click away. Join Luxoft and help create ​the tech innovations of tomorrow.

Recruitment process

Step Send Your Resume and talk to our Recruitment Specialist
Step Interview with Technical Specialist
Step Project Lead Interview
Step Job Offer