Ph3About us /h3 pWe’re visionary innovators who provide trading and workflow automation solutions, high‑value analytics, and strategic consulting to corporations, financial institutions, central banks, and governments. More than 40% of the world’s largest companies use our solutions. We’ve achieved tremendous growth by bringing together some of the best and most successful financial technology companies in the world. /p pAt ION, we offer careers that provide many opportunities: To invent. To design. To collaborate. To build. To transform businesses and empower people around the world to do more, faster and better than before. Imagine what you can do and experience. This is where you can do your best work. /p pLearn more at iongroup.com. /p h3Your role /h3 pYour duties and responsibilities /p ul liWork with cloud platform teams to design, develop, debug and support platforms, services and application workspaces. /li liWork with the application teams to design, develop, debug and support new cloud‑native applications and migrate existing applications to the cloud. /li liRegularly evaluate the best cloud applications, hardware, and practices to keep the ION Cloud up to date with the best of breed available in the industry. /li liMaintain strong and continuous engagement with security SMEs internally and externally to ensure the ION Cloud architecture and operating model is up to the top security standards. /li liWork with stakeholders to understand customers' needs and to implement the cloud strategies accordingly. /li /ul pOther duties /p pWe might ask you to perform other tasks and duties as your role expands. /p h3Your skills, experience, and qualifications /h3 pSkills /p ul liAuthentication/authorization implementations. /li liApplication of encryption at rest and in transit. /li liCertificates/secrets implementations. /li liImplementing security in public clouds (AWS, Azure, GCP), with at least 3 years specific experience in either AWS or Azure. /li liSecure microservices architectures in a cloud‑native environment. /li liUnderstanding of networking. /li liKnowledge of different deployment models (Container, Serverless, Cloud, PaaS, IaaS …). /li liAbility to work with diverse, remote, and distributed teams across multiple regions and time zones. /li liSSDLC practices in DevOps, CI/CD environment. /li liOWASP Top 10, SANS CWE, OpenSAMM, BSIMM, etc. /li liPenetration testing, vulnerability scanning. /li liImplementation of security monitoring tools. /li liImplementing pipelines that make use of SCA, SAST, DAST, IAST and RASP solutions. /li /ul pQualifications /p ul liSANS/SEC‑540: Cloud Security and DevSecOps Automation. /li liSystems Security Certified Practitioner (SSCP). /li liCertified Information Systems Security Professional (CISSP). /li liCertified Authorization Professional (CAP). /liliCertified Secure Software Lifecycle Professional (CSSLP). /li liHealthCare Information Security and Privacy Practitioner (HCISPP). /li /ul pExperience /p ul liExperience in Threat Modeling. /li liA proven track record as engineer and consultant, capable of working directly with teams, embedded in the delivery model. /li liExperience with Kubernetes, Openshift, Service Mesh. /li liExperience with clouds (AWS, Azure, GCP). /li liExperience with getting or maintaining certified standards (i.e. ISO 27001, PCI DSS, MIL‑SPEC). /li /ul pExample technologies /p ul liIAM: Key Cloak, ForgeRock, Okta, Azure Active Directory B2C, x509 Mutual TLS (OpenId Connect/OIDC/SAML). /li liSecrets: AWS KMS/AWS Secrets Manager, Azure Key Vault, Hashicorp Vault, CyberArk Conjur. /li liCode security tools: SonarQube, BlackDuck, Veracode, Snyk. /li liContainer security tools: Aquasec, Twistlock, Clare, Qualys, Sysdig. /liliCloud security tools: Rapid7, Netskope, AWS Security Hub, Azure Security Center, GCP Cloud Security Command Center. /li liCloud platforms: AWS, Azure, GCP. /li liContainer platforms: OpenShift, Kubernetes, Swarm. /li liCI/CD platforms: Jenkins, Spinnaker, Argo CD, Azure DevOps, AWS CodeStar, GCP Cloud Build. /li liArtifact platforms: Nexus, Artifactory. /li liLanguages: Bash, PowerShell, Python, Node.js, Go, Rust, Java. /li liOrchestration tools: Terraform, Pulumi, CloudFormation templates, ARM templates, GCP Deployment Manager templates. /li liConfiguration management tools: Ansible, Chef, Puppet, Salt. /li /ul h3Contract and locations /h3 ul liContract Type: Full‑time, permanent contract. /li liLocations: London, Milan, Pisa, Parma. /li /ul h3Important notes (Italy) /h3 pAccording to the Italian Law (L.68/99) Please note that candidates from the disability list will be given priority. /p pDue to the high volume of applications, only those candidates that meet the required criteria for selection will be contacted. /p pIf you’re from a non‑EU country, you must have a valid EU visa or work permit. /p /p #J-18808-Ljbffr