Principal Specialist - Information Security
Job Description
"
\n Main responsibilities:
\n Colloaborative:
\n Represent the security office in the RnD organisation.
\n Works with development and architect teams to propose solutions that follow the Amadeus standards.
\n Communicate with BISO/TISO to present solutions and maintain the risk register and mitigation plans.
\n Coordinate the elaboration, update, publishing and promotion of the Internal IT security architecture and its strategy.
\n Provide consultancy, guidance and support in Internal IT security architecture to other departments.
\n Ownership of the reporting and governance tasks for SDL and for compliance programs.
\n Own the security epic in the SAFE train if applicable
\n Drive threat modelling exercises for the applications in their scope, together with the TISO office security managers.
\n Provide second level support to White Hats for security-related aspects.
\n Promote coding best practices together with the White hats
\n Leading:
\n Ownership of the reporting and governance tasks for SDL and for compliance programs.
\n Own the security epic in the SAFE train if applicable
\n Drive threat modelling exercises for the applications in their scope, together with the TISO office security managers.
\n Provide second level support to White Hats for security-related aspects.
\n Promote coding best practices together with the White hats
\n Contribute to Internal IT security governance processes definition.
\n Contribute to global security risk analysis: conduct, coordinate or support security related Risk Analysis management process.
\n Contribute to Internal IT security awareness promotion.
\n Main stakeholders:
\n Delivery and Support Teams
\n Product Development Teams
\n Other stakeholders:
\n Heads of departments
\n Sales Teams
\n Client Project Managers
\n Client Delivery Team
\n Essential work experience
\n Experience in implementing Single Sign On on new and existing systems.
\n Experience in implementing Multifactor Authentication on new and existing systems.
\n Experience in implementing Privileged Access Managment systems
\n Experience with IT security design and assessment.
\n Experience working with cloud and on prem data centres.
\n Working with Windows and Linux systems
\n Working on access management systems for a large suite of systems and applications.
\n Desirable but not essential experience:
\n Working with Amadeus systems
\n Working with systems related to the aviation industry especially in the area of passenger processing
\n Skills:
\n AWS, IT Security, Identity Management
\n Knowledge and experience on any programming platform, preferably C#
\n Strong verbal, written and presentation skills with an adept ability to articulate in both technical and business language
\n Strong interpersonal skills with an ability to motivate others and gain buy in from key stakeholders.
\n Ability to collaborate with multiple teams
\n A self-starter, with a 'can do' attitude and a strong client focus
\n Have a strong sense of ownership and accountability for his/her work.
\n Meticulous work ethic
\n Educational qualification:
\n Relevant qualification in Information Technology, Software Engineering/Security or similar discipline"