BBVA
BBVA is a global company with more than 160 years of history that operates in more than 25 countries where we serve more than 80 million customers. We are more than 121,000 professionals working in multidisciplinary teams with profiles as diverse as financiers, legal experts, data scientists, developers, engineers and designers.
About the job:
As a Security Architect in the Commercial Client Solutions Engineering team, you will support technological transformation projects within Commercial & Institutional Client Solutions.
Your work will involve collaboration with the Architecture Solutions team and close interaction with technical leaders and Product Owners to equip our clients with new capabilities and improve their lives.
As a global area, projects in Commercial & Institutional Client Solutions aim to reach the geographies where BBVA operates, providing opportunities to work in multidisciplinary and multicultural ecosystems with a strong emphasis on diversity, innovation, and technology creation.
Your responsibilities will include:
* Understanding business processes and the architectures they rely on, to conduct security analysis from a technological perspective.
* Completing and validating Security Models, establishing and designing low-level security controls and processes.
* Managing trade-offs to meet business needs while addressing associated security risks.
* Acting as the technical security reference for the Engineering team, assisting all project stakeholders in decision-making.
* Supporting non-financial risk areas in technology risk management, ensuring compliance with prescribed measures.
* Staying updated on new technologies, threats, and security capabilities, and helping to find technological solutions for new vulnerabilities.
We are looking for:
* A degree in Information Systems Engineering, Telecommunications, or a similar field.
* A Master’s degree in Cybersecurity or security certifications (CISSP or similar) is a plus.
* A minimum of 10 years of experience in cybersecurity, with at least 5 years as a Security Architect.
* Knowledge of web and mobile architecture environments, web servers, APIs, and session-less services.
* Familiarity with protocols such as HTTP, GRPC, TLS/SSL, SSH, FTP, SMB, ODBC.
* Experience with Public Clouds, particularly security in AWS.
* Understanding of authentication and authorization protocols: SAML, OpenID Connect, OAUTH 2.0, Multi-factor auth-N.
* Knowledge of cryptography, digital certificates, digital signatures, etc.
* Familiarity with security systems and networks: Firewalls, Reverse Proxies, Authentication Repositories (LDAP), Identity Management Systems, DLPs, RDPs, etc.
* Knowledge of data protection: Information classification, handling information at rest and in transit.
* Experience with different operating systems (UNIX/Linux, Windows): Hardening, protection measures, virtualization.
* Knowledge of security regulations (PCI, GDPR) and directives like PSD2 related to banking business is valuable.
* Understanding of security standards and risk management: ISO27001, SOC2.
Additionally, you should possess:
* Teamwork skills, a feedback culture, and leadership abilities.
* Negotiation skills.
* Adaptability to change.
* A strong appetite for technological knowledge.
Skills: Application Security Architecture, IT Security Architecture, Project Management, Security Architecture Design.
#J-18808-Ljbffr