Senior Security Architect

About us

We’re visionary innovators providing trading and workflow automation solutions, high-value analytics, and strategic consulting to corporations, financial institutions, central banks, and governments. Over 40% of the world’s largest companies use our solutions. We have achieved significant growth by bringing together some of the most successful financial technology companies globally.

At ION, we offer careers with opportunities to invent, design, collaborate, build, and transform businesses, empowering people worldwide to do more, faster, and better than before. Join us to do your best work.

Learn more at iongroup.com.

Your role

Your duties and responsibilities

• Establish policies and procedures that promote secure development and cloud principles.
• Enable security automation through tools to reduce vulnerabilities and human errors.
• Automate audit evidence collection throughout the SDLC to facilitate compliance reporting.
• Monitor security metrics to improve continuously and stay ahead of threats.
• Maintain engagement with teams to ensure the ION Cloud architecture meets top security standards.
• Create a secure cloud architecture and strategy supported by a robust infrastructure and efficient operating model.
• Conduct post-mortem incident analyses.
• Review security compliance of deployment, maintenance, monitoring, and management processes.
• Collaborate with software architects to incorporate security in software design.
• Evaluate the latest cloud security applications, hardware, and practices.
• Provide training and guidance to foster a security culture within the organization.
• Assist the product owner in refining security requirements aligned with customer strategy and sales points.

Other duties

Additional tasks may be assigned as your role expands.

Your skills, experience, and qualifications

Skills

• Threat Modeling
• Authentication and authorization standards and implementations
• Encryption at rest and in transit
• Certificates and secrets management standards
• Security management in AWS, Azure, or GCP with at least 3 years of experience in AWS or Azure
• Secure microservices architectures in cloud-native environments
• Strong networking knowledge
• Experience with deployment models like Containers, Serverless, Cloud, PaaS, IaaS
• Ability to work with remote, diverse, and distributed teams
• Autonomous research skills to stay ahead of security threats
• SSDLC practices in DevOps, CI/CD environments
• Knowledge of OWASP Top 10, SANS CWE, OpenSAMM, BSIMM
• Penetration testing and vulnerability scanning
• Design security monitoring tools
• Design pipelines utilizing SCA, SAST, DAST, IAST, RASP solutions

Qualifications

• SANS / SEC-540: Cloud Security and DevSecOps Automation
• Systems Security Certified Practitioner (SSCP)
• Certified Information Systems Security Professional (CISSP)
• Certified Authorization Professional (CAP)
• Certified Secure Software Lifecycle Professional (CSSLP)
• HealthCare Information Security and Privacy Practitioner (HCISPP)

Experience

• Multi-year experience in Threat Modeling
• Proven track record as an architect and consultant, working directly with delivery teams
• Experience with Kubernetes, OpenShift, Service Mesh
• Hands-on experience with AWS, Azure, or GCP clouds
• Experience with standards like ISO 27001, PCI DSS, MIL-SPEC

Contract Type

• Full-time, permanent contract

Important notes (Italy)

In accordance with Italian Law (L.68 / 99), candidates with disabilities will be prioritized.

Due to high application volume, only candidates meeting the criteria will be contacted.

Non-EU candidates must have a valid EU visa or work permit.

J-18808-Ljbffr