Chennai, Tamil Nadu, India
Information Technology
Full-Time
Travelex
Overview
Role purpose
Reporting into the Head of IT Security, this role will encompass defending Travelex against Cyber threats. This has a dependency on optimising our technology to be based on sound Cyber security principles for us to accurately manage and defend any such attack placed upon the organisation.
Cyber Security is seen as a key strategic pillar within the organisation as the methods attackers use evolve Travelex recognises the requirement to remain dynamic in its defence against such threats. A Clod Security Engineer will develop and maintain robust IT Security Cloud practices that support the adoption of security standards and Policies. ensuring our cloud enviroments strictly adhere to our Cloud Centre of Excellence standards, we have the right security technologies for asset, vulneribility and monitoring as well as threat hunting for opportunities for improving the security and optimising the enviroment.
At this level, you will:
- work on projects with high strategic impact, setting a strategy that can be used in the long term and across the breadth of the organisation
- communicate with a broad range of senior stakeholders and be responsible for defining the vision, principles, and strategy for security architects
- recommend security process design across several projects or technologies, up to an organisational or inter-organisational level
- have a deep and evolving level of technical and governance expertise, so you can act as an exemplar
- make and influence important business and architectural decisions
- research, identify, validate, and adopt new methodologies
- be a recognised expert and demonstrate this expertise by solving unprecedented issues and problems
- further the profession, demonstrating and sharing best practice within and outside the organisation
Key accountabilities
Relationship management
- Develops and maintains robust relationships with key business stakeholders to ensure assurance analysis is visible and in line with agreed customer expectations.
- Ensures the smooth integration of new assurance standards.
- Raise awareness and profile of Cyber across the business at all levels.
Experience and personal qualities
Management information
- Writes and speaks fluently on all aspects of work and communicates effectively with all levels of management.
- Produces accurate, timely and relevant MI for the Head of Security Operations, CISO and the team as required.
Communication
- Writes and speaks fluently on all aspects of work and communicates effectively with all levels of management.
- Responsible for pro-active and regular communication with other areas of IT and the business in relation to Assurance analysis.
- Actively communicate and seek feedback from colleagues and customers.
- Play a participative part in Team Briefs.
- Be proactive in the provision of feedback and the delivery of ideas to develop and improve the Assurance service.
- Ensure feedback to line manager outlining general activities of role and ‘how we are doing’.
General
- Undertakes any necessary training associated with the duties of the post and participates in training and development procedures.
- Complies with all Company Health and Safety policies and legislation in the performance of their duties and responsibilities.
- Maintains confidentiality and observes data protection guidelines.
- Carries out any other reasonable duties commensurate with their capability.
Essential
Skills needed for this role
Cloud Security:
- AWS Security: Design, implement, and maintain security architectures within AWS environments. Configure IAM roles, policies, and resource-level permissions to enforce the principle of least privilege.
- SaaS Security: Assess and enhance security measures for SaaS applications, implementing identity and access management controls and data protection strategies. Conduct regular security assessments and compliance audits of SaaS providers.
- Web Application Firewalls (WAFs): Deploy and manage WAF solutions to protect applications from common web vulnerabilities. Regularly tune WAF rules to minimize false positives and ensure effective threat mitigation.
- Container Security: Implement security best practices for Docker and containerized applications, including image scanning, vulnerability assessments, and runtime protection. Collaborate with development teams to integrate security into the CI/CD pipeline.
- Virtualization Security: Secure virtualized environments, ensuring that virtual machines and networks are appropriately configured and monitored. Implement security measures for hypervisors and guest operating systems.
Security Technology Reviews & Capability Roadmapping:
- Technology Evaluation: Conduct thorough reviews of existing cloud security technologies and assess their effectiveness in threat detection and prevention. Identify gaps and areas for improvement. Proficient in technologies such as cloudgaurd , inspector, security groups, aws suricata FW, terraform and more.
- Feature Analysis: Analyze new features and technologies relevant to AWS, SaaS, WAFs, and containers to ensure the organization has the right tools available for proactive security measures. Stay informed about emerging trends in cloud security.
- Capability Road mapping: Develop and maintain a strategic roadmap for cloud security capabilities, outlining planned enhancements, new technology acquisitions, and necessary integrations to improve overall security posture.
- Reporting: Prepare and present regular reports on cloud security technology performance, threat landscapes, and capability gaps to senior management, providing actionable recommendations for improvement.
SCRUM Master Responsibilities:
- Agile Facilitation: Facilitate SCRUM ceremonies (daily stand-ups, sprint planning, reviews, and retrospectives) with a focus on optimizing team collaboration and performance.
- Cross-Functional Liaison: Serve as a communication bridge between security, development, and operations teams, ensuring that security considerations are integrated into every phase of cloud project development.
- Impediment Removal: Proactively identify and remove obstacles hindering team progress, fostering an environment of continuous improvement and agility.
- Project Scope Management: Assist in defining project scope, objectives, and deliverables in collaboration with stakeholders, ensuring alignment with security goals.
- Monitoring & Reporting: Track project progress and performance metrics, providing insights to senior management on team productivity and project milestones.
General
- Experience in automation and finding opportunities in processes to use automation
- Analytical with the ability to seek out gaps, risks or circumvention and provide solutions to mitigate.
- Immaculate documentation creation, maintenance and record keeping
- Can work at multiple levels with the ability to integrate IT Security requirements into other business functions.
- Experience and knowledge of multiple security certifications and legislation such as ISO 27001, SOC2, Cyber essentials and Cyber Essentials+, GDPR, FCA, etc.
- Has a wide general knowledge of technical, governance and assurance within IT Security
- Process and data driven with the ability to present findings/opportunities from data and analysis gathered
- Leads the culture change for documentation creation and maintenance
- Ability to work across many technical related projects at once and keep up with BAU activities
- Works with the Cyber reporting team to produce timely, accurate and frequent reports for both IT leadership and Executive leadership.
Desirable
- Strong verbal and written English communication. Ability to communicate effectively at all levels and to influence key stakeholders.
- Professional approach with a confident assertive style and sstrong interpersonal and presentation skills
- Ability to build & maintain strong relationships with peers and colleagues.
- High level of quality focus.
- A “Can Do” attitude
- Financial Services industry experience.
- Familiarity with ITIL concepts as incident, problem and change management
- Certification such as CISSP, CISM, CISMP, GCIH, CEH, CCNA Security, Security+, CHFI, etc.
- Working Knowledge of IT Security Compliance (SOC2, PCI DSS, Data Protection Act, Sarbanes Oxley, ISO, etc)
- Bachelor’s in computer science/IT/Electronics Engineering, M.C.A. or equivalent University degree
- Minimum of 8-10 years of experience in the IT security industry.
Similar Jobs
View All
1 Day ago
TrueFan - Senior Machine Learning Engineer
Information Technology
- Thiruvananthapuram, Kerala, India
About UsTrueFan is at the forefront of AI-driven content generation, leveraging cutting-edge generative models to build next-generation products. Our mission is to redefine content generation space through advanced AI technologies, including deep ge...
1 Day ago
Salesforce commerce cloud consultant
Information Technology
- Thiruvananthapuram, Kerala, India
Salesforce Commerce Cloud consultant 5+ Years of Experience 6 to 12 months Mode - Remote 1.1LPM - 1.2LPM Max Key Responsibilities Translate business requirements into scalable Salesforce Service Cloud solutions, in collaboration with CAE's technic...
1 Day ago
Cloud Infrastructure Engineer
Information Technology
- Thiruvananthapuram, Kerala, India
DescriptionInvent the future with us. Recognized by Fast Company’s 2023 100 Best Workplaces for Innovators List, Ampere is a semiconductor design company for a new era, leading the future of computing with an innovative approach to CPU design focuse...
1 Day ago
Devops Engineer- Intermetiate
Information Technology
- Thiruvananthapuram, Kerala, India
BackJD: Dev ops Engineer:As a DevOps Specialist- should be able to take ownership of the entire DevOps process, including Automated CI/CD pipelines and deployment to production.They should also be comfortable with risk analysis and prioritization.Le...
1 Day ago
Sr Data Scientist (London)
Information Technology
- Thiruvananthapuram, Kerala, India
AryaXAI stands at the forefront of AI innovation, revolutionizing AI for mission-critical, highly regulated industries by building explainable, safe, and aligned systems that scale responsibly. Our mission is to create AI tools that empower research...
1 Day ago
Software Test Engineer
Information Technology
- Thiruvananthapuram, Kerala, India
By clicking the “Apply” button, I understand that my employment application process with Takeda will commence and that the information I provide in my application will be processed in line with Takeda’s Privacy Notice and Terms of Use. I further att...
1 Day ago
Software Developer 5 (Java Fullstack)
Information Technology
- Thiruvananthapuram, Kerala, India
Job DescriptionBuilding off our Cloud momentum, Oracle has formed a new organization - Oracle Health Applications & Infrastructure. This team focuses on product development and product strategy for Oracle Health, while building out a complete platfo...
1 Day ago
Java Developer - Spring Frameworks
Information Technology
- Thiruvananthapuram, Kerala, India
Java DescriptionWe are looking for a passionate and talented Java Developer with 2-3 years of hands-on experience to join our growing development team.The ideal candidate should have a strong foundation in Java technologies and the ability to develo...
Talk to us
Feel free to call, email, or hit us up on our social media accounts.
Email
info@antaltechjobs.in