About us

We’re visionary innovators providing trading and workflow automation solutions, high-value analytics, and strategic consulting to corporations, financial institutions, central banks, and governments. Over 40% of the world’s largest companies utilize our solutions. Our growth stems from bringing together top financial technology companies worldwide. At ION, we offer careers with opportunities to invent, design, collaborate, build, and transform businesses, empowering people globally to do more, faster, and better. Join us to do your best work. Learn more at iongroup.com.

Your role

Your duties and responsibilities

- Establish policies and procedures promoting secure development and cloud principles.
- Enable security automation with tools to reduce vulnerabilities and human errors.
- Automate audit evidence collection throughout the SDLC for compliance reporting.
- Monitor security metrics to improve and stay ahead of threats.
- Engage with teams to ensure the ION Cloud architecture meets high security standards.
- Create a secure cloud architecture and strategy supported by a robust infrastructure.
- Conduct post-mortem incident analyses.
- Review security compliance of deployment, maintenance, monitoring, and management processes.
- Collaborate with software architects to incorporate security in software design.
- Evaluate the latest security cloud applications, hardware, and practices.
- Provide security training and guidance across the organization.
- Assist product owners in refining security requirements aligned with customer strategies.
- Other duties may be assigned as the role develops.
Your skills, experience, and qualifications

Skills

- Threat Modeling
- Authentication and authorization standards and implementations
- Encryption at rest and in transit
- Certificates and secrets management
- Security management in AWS, Azure, or GCP, with at least 3 years in AWS or Azure
- Secure microservices architectures in cloud-native environments
- Strong networking knowledge
- Understanding of deployment models (Container, Serverless, Cloud, PaaS, IaaS)
- Ability to work remotely with diverse, distributed teams
- Autonomous research skills to preempt security threats
- SSDLC practices within DevOps, CI/CD environments
- Knowledge of OWASP Top 10, SANS CWE, OpenSAMM, BSIMM
- Penetration testing and vulnerability scanning
- Design of security monitoring tools and pipelines using SCA, SAST, DAST, IAST, RASP

Qualifications

- SANS / SEC-540: Cloud Security and DevSecOps Automation
- Systems Security Certified Practitioner (SSCP)
- Certified Information Systems Security Professional (CISSP)
- Certified Authorization Professional (CAP)
- Certified Secure Software Lifecycle Professional (CSSLP)
- HealthCare Information Security and Privacy Practitioner (HCISPP)

Experience

- Multi-year experience in Threat Modeling
- Proven track record as an architect and consultant, working directly with delivery teams
- Experience with Kubernetes, OpenShift, Service Mesh
- Experience with AWS, Azure, GCP clouds
- Experience with certified standards (ISO 27001, PCI DSS, MIL-SPEC)

Contract Type

Full-time, permanent

Important notes (Italy)

- In accordance with Italian Law (L.68/99), candidates with disabilities will be prioritized.
- Due to high application volume, only shortlisted candidates meeting the criteria will be contacted.
- Non-EU applicants must have a valid EU visa or work permit.