The employer is an international fintech company that develops financial applications for 100K+ active traders and investors all over the world, is looking for an Infrastructure Security Team Lead to join company in Limassol, Cyprus to lead the Infrastructure Security Team with the objective to identify existing and emerging security threats in infrastructure services and protect from them.
The position reports to CISO and located in Limassol, Cyprus.
€ Salary negotiable
Provide leadership to the Infrastructure Security Team.
Partner with business stakeholders to mitigate information risk management concerns.
Work directly with the business units to facilitate risk assessment and risk management processes.
Maintain effective communication and coordination with the IT Infrastructure team(s) in security-related areas.
Ensuring that information assets and technologies are properly protected, which includes the following: - Setting information security controls; - Enforcing compliance with these controls and technology-related regulatory requirements; - Conducting internal and external audits; - Data loss and fraud prevention. Making sure the staff doesn't misuse data; - Manage personal data protection measures (including GDPR); - Development of security policies and procedures.
Govern architecture, implementation and operations of IT systems from a security perspective.
Security architecture: planning, buying, and rolling out security tools.
Operations-related: Identity and access management. Ensuring that only authorized people have access to restricted data and systems; - Management of Security incidents. Investigations and forensics; - Operate security tools: WAF, VPN, SIEM, etc.
Management and development of security education program for employees.
At least 5 years of experience in Information Security or IT management roles.
People management skills.
Ability to leverage business communication skills to inform, convince, and educate stakeholders, employees, and leadership to enable effective information security activities and processes.
Knowledge of the most common vulnerabilities and ways of mitigation of their exploit.
Hands-on experience with modern information protection systems, including open source products.
Experience in administering of Linux and Windows systems.
Administering and security configuration of virtualization, containerization (Docker), and cloud services (AWS).
Cryptography foundations. Knowledge of X509 standard and experience with PKI administration.
Experience with audits: internal and external.
Broad spectrum of tech knowledge in the following areas (the list is not exhaustive): Linux family, Docker, Kubernetes, vSphere, AWS, Vault, LDAP, Cisco ASA, Microsoft Windows / AD, SSO.
ITSM and project management fundamentals.
English language (Upper-Intermediate or higher).
General acquaintance with regulatory frameworks and compliance requirements associated with financial services is a plus.
Any industry certifications are a plus.
Visa and relocation for employee and his/her family (tickets, visas, work permit, corporate flat for the first month, etc)
Medical insurance for employees and family members