4 Itao Jobs

Strategy & Architecture Enterprise IT governance: Reviews current and proposed information systems for compliance with the organisation's obligations (including legislation, regulatory, contractual and agreed standards/policies) and adherence to overall strategy. Provides specialist advice to those accountable for governance to correct compliance issues. Cloud Security & Governance : Migration on Cloud from on-prem setup end to end with ensuring application/infrastructure and Data Security Information security: Communicates information security risks and issues to business managers and others. Performs basic risk assessments for small information systems. Contributes to vulnerability assessments. Applies and maintains specific security controls as required by organisational policy and local risk assessments. Investigates suspected attacks. Responds to security breaches in line with security policy and records the incidents and action taken. Information content publishing: Understands technical publication concepts, tools and methods and the way in which these are used. Uses agreed procedures to publish content. Obtains and analyses usage data and presents it effectively. Understands, and applies principles of usability and accessibility to published information. Specialist advice: Actively maintains knowledge in one or more identifiable specialisms. Provides detailed and specific advice regarding the application of their specialism(s) to the organisation's planning and operations. Recognises and identifies the boundaries of their own specialist knowledge. Collaborates with other specialists, where appropriate, to ensure advice given is appropriate to the needs of the organisation. Knowledge management: Maintains knowledge management systems and content to meet business needs. Supports others to enable them to complete knowledge management activities and form knowledge management habits. Reports on progress of knowledge management activities. Configures and develops knowledge management systems and standards. Supports changes to work practices to support capture and use of knowledge. Business risk management: Investigates and reports on hazards and potential risk events within a specific function or business area. Continuity management: Implements and contributes to the development of a continuity management plan. Coordinates the assessment of risks to the availability, integrity and confidentiality of systems that support critical business processes. Coordinates the planning, designing, and testing of maintenance procedures and contingency plans. Data management: Assists in providing accessibility, retrievability, security and protection of data in an ethical manner. Methods and tools: Provides support on the use of existing method and tools. Configures methods and tools within a known context. Creates and updates the documentation of methods and tools. Change and Transformation Requirements definition and management: Assists in the definition and management of requirements. Uses standard techniques to elicit, specify, and document requirements for simple subject areas with clearly-defined boundaries. Assists in the creation of a requirements baseline and in investigating and applying authorised requests for changes to base-lined requirements, in line with change management policy. Delivery and operation Availability management: Contributes to the availability management process and its operation and performs defined availability management tasks. Analyses service and component availability, reliability, maintainability and serviceability. Ensures that services and components meet and continue to meet all of their agreed performance targets and service levels. Implements arrangements for disaster recovery and documents recovery procedures. Conducts testing of recovery procedures. Service acceptance: Engages with project management to confirm that products developed meet the service acceptance criteria and are to the required standard. Feeds into change management processes. Configuration management: Applies tools, techniques and processes to track, log and correct information related to configuration items. Verifies and approves changes ensuring protection of assets and components from unauthorised change, diversion and inappropriate use. Ensures that users comply with identification standards for object types, environments, processes, lifecycles, documentation, versions, formats, baselines, releases and templates. Performs audits to check the accuracy of information and undertakes any necessary corrective action under direction. Asset management: Applies tools, techniques and processes to create and maintain an accurate asset register. Produces reports and analysis to support asset management activities and aid decision making. Change management: Develops implementation plans for complex requests for change. Evaluates risks to the integrity of service environment inherent in proposed implementations (including availability, performance, security and compliance of the business services impacted). Seeks authority for those activities, reviews the effectiveness of change implementation, and suggests improvement to organisational procedures governing change management. Leads the assessment, analysis, development, documentation and implementation of changes based on requests for change. Security administration: Investigates minor security breaches in accordance with established procedures. Assists users in defining their access rights and privileges. Performs non-standard security administration tasks and resolves security administration issues. Application support: Drafts and maintains procedures and documentation for applications support. Manages application enhancements to improve business performance. Advises on application security, licensing, upgrades, backups, and disaster recovery needs. Ensures that all requests for support are dealt with according to set standards and procedures. Problem management: Ensures that appropriate action is taken to anticipate, investigate and resolve problems in systems and services. Ensures that such problems are fully documented within the relevant reporting system(s). Enables development of problem solutions. Coordinates the implementation of agreed remedies and preventative measures. Analyses patterns and trends. Incident management: Ensures that incidents are handled according to agreed procedures. Investigates escalated incidents to responsible service owners and seeks resolution. Facilitates recovery, following resolution of incidents. Ensures that resolved incidents are properly documented and closed. Analyses causes of incidents, and informs service owners in order to minimise probability of recurrence, and contribute to service improvement. Analyses metrics and reports on performance of incident management process. Skills and quality Quality assurance: Contributes to the collection of evidence and the conduct of formal audits or reviews of activities, processes, data, products or services. Examines records for evidence that appropriate testing and other quality control activities have taken place and determines compliance with organisational directives, standards and procedures. Identifies non-compliances, non-conformances and abnormal occurrences. Conformance review: Collects and collates evidence as part of a formally conducted and planned review of activities, processes, products or services. Examines records as part of specified testing strategies for evidence of compliance with management directives, or the identification of abnormal occurrences. Digital forensics: Contributes to digital forensic investigations. Processes and analyses evidence in line with policy, standards and guidelines and supports production of forensics findings and reports. Relationships and engagement Relationship management: Identifies the communications and relationship needs of stakeholder groups. Translates communications/stakeholder engagement strategies into specific activities and deliverables. Facilitates open communication and discussion between stakeholders, acting as a single point of contact by developing, maintaining and working to stakeholder engagement strategies and plans. Provides informed feedback to assess and promote understanding. Facilitates business decision-making processes. Captures and disseminates technical and business information. Experience/Exposure Autonomy: Works under general direction. Uses discretion in identifying and responding to complex issues and assignments. Receives specific direction, accepts guidance and has work reviewed at agreed milestones. Determines when issues should be escalated to a higher level. Influence : Interacts with and influences colleagues. Has working level contact with customers, suppliers and partners. May supervise others or make decisions whichimpactthe work assigned to individuals or phases of projects. Understands and collaborates on the analysis of user/customer needs and represents this in their work. Complexity: Performs a range of work, sometimes complex and non-routine, in a variety of environments. Applies methodical approach to issue definition and resolution. Knowledge: Has a sound generic, domain and specialist knowledge necessary to perform effectively in the organization typically gained from recognized bodies of knowledge and organizational information. Demonstrates effective application of knowledge. Has an appreciation of the wider business context. Takes action to develop own knowledge. Business skills: Demonstrates effective communication skills. Plans, schedules and monitors own work (and that of others where applicable) competently within limited deadlines and according to relevant legislation, standards and procedures. Contributes fully to the work of teams. Appreciates how own role relates to other roles and to the business of the employer or client. Demonstrates an analytical and systematic approach to issue resolution. Takes the initiative in identifying and negotiating appropriate personal development opportunities. Understands how own role impacts security and demonstrates routine security practice and knowledge required for own work. Cloud Migration and Understanding: Basic Knowledge on IaaS/PaaS/SaaS and migration from different environments to Cloud Your skills and experience IT Service Management, IT Governance or IT Project Management background. Excellent communication and presentation skills, highly organized and disciplined. Experienced in working with multiple stakeholders. Ability to create and naturally maintain good business relationships with all stakeholders. Comfortable working in VUCA (Volatility Uncertainty Complexity Ambiguity) and highly dynamic environments. ITAO will typically have a rather limited technical hands on involvement. A high-level understanding on the products/technologies below is welcomed: Databases: mainly Oracle Application/web servers (like J2EE based, especially JBoss, Tomcat, WebLogic Server, Apache) Management of security certificates. Unix servers very basic administration Microservices and SOA Communication and encryption protocols (mainly HTTP(S), SSL) Networking (firewalls, load balancers, etc) High Availability Architecture. Reasonable understanding and relevant experience in Agile-Scrum delivery and main tools (Jira & Confluence); 4-5 years of work experience in IT; 2-3 years project management or application owner experience. Preferable skills: Experience working with distributed development teams; Experience in finance products Experience on Google Cloud Security and Management Role: IT & Information Security - Other Industry Type: Investment Banking / Venture Capital / Private Equity Department: IT & Information Security Employment Type: Full Time, Permanent Role Category: IT & Information Security - Other Education UG: B.Tech/B.E. in Any Specialization PG: Any Postgraduate

The ITAO is the function responsible on the application lifecycle governance. The applicant will act as an IT Application Owner for applications in the TAS Function The IT Application Owner (ITAO) is accountable for the Application Management of portfolio of applications. The ITAO has to ensure that the application(s) are enhanced and maintained in accordance to the Banks IT Security Risk and Compliance requirements. The Technology Roadmap within DB and the Business plans. The ITAO should work with relevant stakeholders of the application and ensure that you effectively identifies and manages risks, issues, compliance gaps in line with DB IT risk and compliance policies and also the road map of the business stakeholders. Service levels need to be evolved and met based on business needs. The ITAO need to proactively escalate with relevant stake holders to ensure that there is no slippage in meeting IT Risk, compliance and audit goals for the application, portfolio of applications. Your key responsibilities Monitoring Portfolio and align with them on deliveries and strategy of NARs. Make sure TAS Applications portfolio is compliant, considering tasks and activities coming from: Control Workbench, and other requirements from the stakeholders. Lead Risk and compliance process for the set of application that candidate is the IT owner. Facilitate Disaster Recovery activities by reviewing DR plans and coordinating the execution of DR exercise for the application. Manage Internal and external application audits and Audit issue remediation activities. Manage remediation of gaps in application lifecycle management activities such as Account recertification, remediation of Application configuration gaps etc Manage application related Risk and Compliance Evaluation tasks and resolution of gaps in this area. Manage any IT Security incidents that may occur in the application. Plan and Manage Application events and Database Events monitoring using Bank wide standard monitoring tools. Manage application capacity forecasting and monitoring. Plan and manage Application user access related tasks. Plan for Application Hardware / Software / License upgrades or migration activities to align to the compliant platforms. Ability to manage the L3 activities in-terms of application fixes. Co-ordinate Essential Maintenance Change management process Contributes to Go Live transitions. Can support GCP Applications and migration activities Your skills and experience Desirable experience 12+ plus years in the IT industry Prior ITAO experience is preferrable. Good understanding of the SDLCs and current IT trends in managing Projects. .Net/Java technical background is highly desirable with Database experience. IT Risk Frameworks experience is needed. Banking / Financial industry Exposure is a plus. Business Risk audits experience is good to have. Project/Development/ Release/Support Management/ Technology Infrastructure management Digital Assets knowledge would be a plus. Using initiative to proactively prioritize workload. Comfortable working with junior engineering staff through to senior business stakeholders Excellent communication and influencing skills across various levels of stakeholders. Open minded and willing to learn business and technology. Ability to work in fast paced environment with multiple requirements. Ability to manage the expectations of stakeholders and set expectation with clear milestones and target dates to achieve. Passion about sharing knowledge and best practice. Ability to work in virtual teams and in weak matrix organizations across geographic locations. Project management skills are must. Fluent in English (written/verbal) Ability to mentor juniors. Team Player Educated to degree level or above. Experience of working in a dynamic collaborative environment

Role Description ITAO is the custodian of the application and is responsible to apply and enable during Life-Cycle of the application the IT policies and procedures with specific consideration to IT management and Information Security. The ITAO ensures a clear separation of the responsibility within the project, aimed at achieving a safe and secure running of the application and compliance to regulations, policies and standards. ITAO is responsible for application documentation, application infrastructure reliability and compliance, and is usually the IT SPOC for audit initiatives. . What well offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy, Best in class leave policy. Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Strategy & Architecture Enterprise IT governance Reviews current and proposed information systems for compliance with the organisation's obligations (including legislation, regulatory, contractual and agreed standards/policies) and adherence to overall strategy. Provides specialist advice to those accountable for governance to correct compliance issues. Cloud Security & Governance Migration on Cloud from on-prem setup end to end with ensuring application/infrastructure and Data Security Information security Communicates information security risks and issues to business managers and others. Performs basic risk assessments for small information systems. Contributes to vulnerability assessments. Applies and maintains specific security controls as required by organisational policy and local risk assessments. Investigates suspected attacks. Responds to security breaches in line with security policy and records the incidents and action taken. Information content publishing Understands technical publication concepts, tools and methods and the way in which these are used. Uses agreed procedures to publish content. Obtains and analyses usage data and presents it effectively. Understands, and applies principles of usability and accessibility to published information. Specialist advice Actively maintains knowledge in one or more identifiable specialisms. Provides detailed and specific advice regarding the application of their specialism(s) to the organisation's planning and operations. Recognises and identifies the boundaries of their own specialist knowledge. Collaborates with other specialists, where appropriate, to ensure advice given is appropriate to the needs of the organisation. Knowledge management Maintains knowledge management systems and content to meet business needs. Supports others to enable them to complete knowledge management activities and form knowledge management habits. Reports on progress of knowledge management activities. Configures and develops knowledge management systems and standards. Supports changes to work practices to support capture and use of knowledge. Business risk management Investigates and reports on hazards and potential risk events within a specific function or business area. Continuity management Implements and contributes to the development of a continuity management plan. Coordinates the assessment of risks to the availability, integrity and confidentiality of systems that support critical business processes. Coordinates the planning, designing, and testing of maintenance procedures and contingency plans. Data management Assists in providing accessibility, retrievability, security and protection of data in an ethical manner. Methods and tools Provides support on the use of existing method and tools. Configures methods and tools within a known context. Creates and updates the documentation of methods and tools. Change and Transformation definition and management Assists in the definition and management of requirements. Uses standard techniques to elicit, specify, and document requirements for simple subject areas with clearly-defined boundaries. Assists in the creation of a requirements baseline and in investigating and applying authorised requests for changes to base-lined requirements, in line with change management policy. Delivery and operation Availability management Contributes to the availability management process and its operation and performs defined availability management tasks. Analyses service and component availability, reliability, maintainability and serviceability. Ensures that services and components meet and continue to meet all of their agreed performance targets and service levels. Implements arrangements for disaster recovery and documents recovery procedures. Conducts testing of recovery procedures. Service acceptance Engages with project management to confirm that products developed meet the service acceptance criteria and are to the required standard. Feeds into change management processes. Configuration management Applies tools, techniques and processes to track, log and correct information related to configuration items. Verifies and approves changes ensuring protection of assets and components from unauthorised change, diversion and inappropriate use. Ensures that users comply with identification standards for object types, environments, processes, lifecycles, documentation, versions, formats, baselines, releases and templates. Performs audits to check the accuracy of information and undertakes any necessary corrective action under direction. Asset management Applies tools, techniques and processes to create and maintain an accurate asset register. Produces reports and analysis to support asset management activities and aid decision making. Change management Develops implementation plans for complex requests for change. Evaluates risks to the integrity of service environment inherent in proposed implementations (including availability, performance, security and compliance of the business services impacted). Seeks authority for those activities, reviews the effectiveness of change implementation, and suggests improvement to organisational procedures governing change management. Leads the assessment, analysis, development, documentation and implementation of changes based on requests for change. Security administration Investigates minor security breaches in accordance with established procedures. Assists users in defining their access rights and privileges. Performs non-standard security administration tasks and resolves security administration issues. Application support Drafts and maintains procedures and documentation for applications support. Manages application enhancements to improve business performance. Advises on application security, licensing, upgrades, backups, and disaster recovery needs. Ensures that all requests for support are dealt with according to set standards and procedures. Problem management Ensures that appropriate action is taken to anticipate, investigate and resolve problems in systems and services. Ensures that such problems are fully documented within the relevant reporting system(s). Enables development of problem solutions. Coordinates the implementation of agreed remedies and preventative measures. Analyses patterns and trends. Incident management Ensures that incidents are handled according to agreed procedures. Investigates escalated incidents to responsible service owners and seeks resolution. Facilitates recovery, following resolution of incidents. Ensures that resolved incidents are properly documented and closed. Analyses causes of incidents, and informs service owners in order to minimise probability of recurrence, and contribute to service improvement. Analyses metrics and reports on performance of incident management process. Skills and quality Quality assurance Contributes to the collection of evidence and the conduct of formal audits or reviews of activities, processes, data, products or services. Examines records for evidence that appropriate testing and other quality control activities have taken place and determines compliance with organisational directives, standards and procedures. Identifies non-compliances, non-conformances and abnormal occurrences. Conformance review Collects and collates evidence as part of a formally conducted and planned review of activities, processes, products or services. Examines records as part of specified testing strategies for evidence of compliance with management directives, or the identification of abnormal occurrences. Digital forensics Contributes to digital forensic investigations. Processes and analyses evidence in line with policy, standards and guidelines and supports production of forensics findings and reports. Relationships and engagement Relationship management Identifies the communications and relationship needs of stakeholder groups. Translates communications/stakeholder engagement strategies into specific activities and deliverables. Facilitates open communication and discussion between stakeholders, acting as a single point of contact by developing, maintaining and working to stakeholder engagement strategies and plans. Provides informed feedback to assess and promote understanding. Facilitates business decision-making processes. Captures and disseminates technical and business information. Experience/Exposure Autonomy Works under general direction. Uses discretion in identifying and responding to complex issues and assignments. Receives specific direction, accepts guidance and has work reviewed at agreed milestones. Determines when issues should be escalated to a higher level. Influence Interacts with and influences colleagues. Has working level contact with customers, suppliers and partners. May supervise others or make decisions whichimpactthe work assigned to individuals or phases of projects. Understands and collaborates on the analysis of user/customer needs and represents this in their work. Complexity Performs a range of work, sometimes complex and non-routine, in a variety of environments. Applies methodical approach to issue definition and resolution. Knowledge Has a sound generic, domain and specialist knowledge necessary to perform effectively in the organization typically gained from recognized bodies of knowledge and organizational information. Demonstrates effective application of knowledge. Has an appreciation of the wider business context. Takes action to develop own knowledge. Business skills Demonstrates effective communication skills. Plans, schedules and monitors own work (and that of others where applicable) competently within limited deadlines and according to relevant legislation, standards and procedures. Contributes fully to the work of teams. Appreciates how own role relates to other roles and to the business of the employer or client. Demonstrates an analytical and systematic approach to issue resolution. Takes the initiative in identifying and negotiating appropriate personal development opportunities. Understands how own role impacts security and demonstrates routine security practice and knowledge required for own work. Cloud Migration and Understanding Basic Knowledge on IaaS/PaaS/SaaS and migration from different environments to Cloud Your skills and experience Experience 6 to 9 years IT Service Management, IT Governance or IT Project Management background. Excellent communication and presentation skills, highly organized and disciplined. Experienced in working with multiple stakeholders. Ability to create and naturally maintain good business relationships with all stakeholders. Comfortable working in VUCA (Volatility Uncertainty Complexity Ambiguity) and highly dynamic environments. ITAO will typically have a rather limited technical hands on involvement. A high-level understanding on the products/technologies below is welcomed: Databasesmainly Oracle Application/web servers (like J2EE based, especially JBoss, Tomcat, WebLogic Server, Apache) Management of security certificates. Unix servers very basic administration Microservices and SOA Communication and encryption protocols (mainly HTTP(S), SSL) Networking (firewalls, load balancers, etc) High Availability Architecture. Reasonable understanding and relevant experience in Agile-Scrum delivery and main tools (Jira & Confluence); 4-5 years of work experience in IT; 2-3 years project management or application owner experience. Preferable skills: Experience working with distributed development teams; Experience in finance products Experience on Google Cloud Security and Management How well support you Training and development to help you excel in your career. Coaching and support from experts in your team. A culture of continuous learning to aid progression. A range of flexible benefits that you can tailor to suit your needs.

The Associate ITAO supports the technical infrastructure required to supply IT services to the bank. They are involved in the strategy, design, development, and deployment of IT solutions. They are able to troubleshoot complex issues, being aware of overlapping and different technology areas. Based on their business knowledge, they are able to identify where IT designs can be strengthened and provide value to the businesses. They are responsible for providing detailed technical feedback into the Engineering function to deliver more robust IT solutions. They understand in detail, how IT needs to be supported and can create appropriate processes and controls which ensure IT failings are captured and remediated to ensure stability. They provide technical direction on all related IT platforms and are considered technical experts for level 3 support in outage coordination. The Lead Technologist is counted upon to provide technical guidance and recommendations for complicated business IT problems. They embrace a Continuous Service Improvement approach to drive efficiencies and remove repetition to streamline support activities, reduce risk, and improve system availability. The successful candidate is expected to have at least 5+ years experience in IT, preferably with Asset Management Business Applications and Processes. The IT Application Owner (ITAO) has sound IT risk management skills. They follow one of several possible service delivery approaches, acknowledge interference with the IT applications life cycle and assist with incorporating the adopted approach into best practice. The focus is on applications moving onto cloud. Here you support tracking of the application control status and help application dev-teams with practical advice. Make sure that all steps in Identity & Access Management cycle (on-boarding, recertification, off-boarding) are compliant against DB Policies and application is on-boarded to central tools. The ITAO is aware of the gap in the current infrastructure solutions and where industry innovations are along the maturity lifecycle. They work with application stakeholders to improve the infrastructure, ensuring compliance with the technical roadmap. The ITAO has a sound knowledge of development methodologies and the IT policies necessary to perform effectively in the organisation, aligned to the banks appetite for risk. The ITAO acts to improve safety and security of the application, compliance with regulations, policies and standards, enhance operational readiness, and ease maintenance of the environment for delivering change into production. The ITAO supports the banks audit function in the remediation of audit points and self-identified issues in order to reduce risk. The ITAO is responsible for producing and maintaining accurate documentation on compliance with methodologies, IT policies and IT security requirements. The ITAO interacts with and influences colleagues on the governance of IT platform reliability and resilience ITAOs will also be responsible for Application Decommissioning ITAOs will be driving activity that helps incidents reduction against an application Support compliance on all steps of SDLC process and make sure that all SDLC controls are green. You support the teams role as key contact for all security controls in the software delivery process and ensure that the security controls are evidenced by driving automated evidence. You are consulting with the ITAO community, information security specialists in our CSO organization, and other infrastructure teams like the ORR/SDLC teams. Your key responsibilities Enterprise IT Governance: Responsible for review of current and proposed information systems for compliance with the organisation's obligations (including legislation, regulatory, contractual and agreed standards/policies) and adherence to overall strategy Information security : Communicates information security risks and issues to business managers and others. Performs basic risk assessments for small information systems. Contributes to vulnerability assessments. Applies and maintains specific security controls as required by organisational policy and local risk assessments. Investigates suspected attacks. Responds to security breaches in line with security policy and records the incidents and action taken. Information content publishing : Understands technical publication concepts, tools and methods and the way in which these are used. Uses agreed procedures to publish content. Obtains and analyses usage data and presents it effectively. Understands, and applies principles of usability and accessibility to published information. Business risk management : Investigates and reports on hazards and potential risk events within a specific function or business area. Continuity management : Implements and contributes to the development of a continuity management plan. Coordinates the assessment of risks to the availability, integrity and confidentiality of systems that support critical business processes. Coordinates the planning, designing, and testing of maintenance procedures and contingency plans. Data management : Assists in providing accessibility, retrievability, security and protection of data in an ethical manner. Methods and tools : Provide support on the use of existing method and tools. Configures methods and tools within a known context. Creates and updates the documentation of methods and tools Overall Responsibilities Summary: Make sure that all critical activities in application are monitored and logs are reviewed. Ensure appropriate controls onboarded and implemented where appropriate. Make sure that all steps in Identity & Access Management cycle (on-boarding, recertification, off-boarding) are compliant against DB Policies and application is on-boarded to central tools. Manage Internal and external application audits and Audit issue remediation activities. Completion of regular/recurring assessments Timely response to audit & regulatory requirements with evidence, were compliant. Make sure that infrastructure is compliant and has up-to-date patches. Plan for Application Hardware Software License upgrades or migration activities to align to the compliant platforms. Keep up-to-date DR Test Plan and manage regular DR Tests Manage application capacity forecasting and monitoring. Manage any IT Security incidents that may occur in the application. Support compliance on all steps of SDLC process and make sure that all SDLC controls are green. Application Decommissioning Drive incidents reduction against an application Planning/Organizing: Able to manage work but also to make the estimate, scheme in detail, work on deployment plans and manage deadlines. Manage the technical roadmap of the application (technology roadmap compliance), estimate/budget capacity needed. Expertise in Planning and execution of Releases, Changes, Patches. Exposure of handling L3 role, incident analysis, patch preparation and implementation. Skilled individual to interact with L2 teams for incident and problem management cases. Your skills and experience Degree-level IT and/or information security qualification, or equivalent experience in Information Security and IT Security Experience in Software Development Lifecycle (SDLC) - from idea to production to understand our customer journey, these mostly application owners, business ISOs and development teams GCP-Cloud foundation knowledge General understanding of current security industry standards, best practices, and/or frameworks i.e.: NIST, ENISA, ISO27001, OWASP Problem-solving and analyticalskills with the ability to oversee complex processes Ability to educate a technical and non-technical audience about varioussecuritymeasure Excellent communications skills and very service oriented and customer friendly behaviour even in stressful situations Self-driven behaviour Fluent in English (written/verbal) Preferable Knowledgeofinformation securitytools e.g., security scan and testing tools Understanding of cloud engineering and native security features to support the migration path for applications onto the cloud environment Firm understanding of DevSecOps and the banks shift left agenda to integrate security in the software development lifecycle as earliest as possible. ISO or ITAO certification (for internals only)