IT Security Engineer (CI/CD)Amsterdam
For our client in Amsterdam we are looking for an IT Security Engineer (CI/CD).
The platform provides an integrated and compliant engineering journey for engineers globally. You’re responsible for delivering security & risk solution in the CI/CD pipeline. You’re familiar with market standards with regards to CI/CD tooling and are know the latest market development with regards to IT Risk (Controls)
The purpose of the Platform is to enable us to be within its IT Risk Appetite and to reduce the cost of compliance and each individual DevOps teams by providing solutions for entity wide IT Risk controls. We assist our Engineers Globally in being successful by providing them a compliant CI/CD pipeline on which they can rely on for the bulk of the IT Risk and IT Security Controls. You as an IT Security Engineer are vital to fulfil this purpose as IT Risk and IT Security is part your DNA.
Your key responsibilities:
Together with the people in your squad, you are responsible for implementing IT Risk & Security capabilities in the CI/CD Pipeline and leading the organization with regards to IT Risk. You’re familiar with the market standards.
Your main focus will be on the following IT Risk and Security capabilities:
Drive Risk Control Implementation on all 7 Risk Pillars
Automate and simplify Security & Risk Controls
Designing technical Security Solutions
Lifecycle management of the Risk Controls and the corresponding designs/solutions
IT & Sec Risk Assessment
Key Control Testing
Evidence Gathering and Reporting
Manage Third Party & Cloud Security
Vulnerability and Patch Management
Security Monitoring & Alert Handling
Ability to discuss solutions in depth with 2nd and 3rd line to adhere to the Control Objectives
We are looking for:
You are an energetic and proactive IT Engineer with a passion for the securing Tech environments and a positive, “Do it-Try it-Fix it” mentality. You know how to code and have extensive experience with CI/CD. You are a natural team player who forms relationships based on social skills rather than hierarchical structure. Enhancing the IT Risk and Security controls and ultimately make us be within IT Risk appetite while reducing the costs of compliance, is a challenge to you. Close cooperation with and between the DevOps teams, Infra, 2nd and 3rd line is your greatest achievement.
You have a broad understanding of both technical and orange code competences with which you feel comfortable with all Global Engineering Platform services and know your way around the Tech squads and the 2nd and 3rd line globally. You continuously strive to develop both yourself and your colleagues in the IT Risk & Security mind-set.
This role requires emphasis on the following:
You have excellent problem-solving skills and are passionate about IT Security.
You are inspiring and show energy and passion.
You are capable of implementing one way of working regarding the implementation of IT Security & IT Risk controls
You have a good feel on how everything works in the international organization and you understand the underlying spheres of influence.
You are focused on cross border and multi-party collaboration: you set aside your own 'ego' in the interests of achieving the best results - you help others to be successful.
You are able to design and implement technical Security solutions
You are have a proven track record in the usage of CI/CD Cloud solutions
Education and background:
A personality and the capabilities to optimally function within an Agile environment
Experience in guiding and realizing change
Professional and intellectual IT skills at bachelor or university level, preferably IT Master
Extensive experience in both IT Security and IT Risk
You have a background in IT engineering area, preferably in Agile teams as a DevOps Engineer
5+ years’ experience in programming and software development.
Preferably certified in AZ-400(Azure DevOps) and/or AZ-103(Azure Administrator)
Strong knowledge and experience in Azure/AWS/Google Cloud.
Preferably knowledge of Security and Risk Certification and / or proven skills in Security and Risk
Excellent oral and written command of English