PbAbout us /b /ppWe’re visionary innovators who provide trading and workflow automation solutions, high-value analytics, and strategic consulting to corporations, financial institutions, central banks, and governments. More than 40% of the world’s largest companies use our solutions. We’ve achieved tremendous growth by bringing together some of the best and most successful financial technology companies in the world. /ppAt ION, we offer careers that provide many opportunities: To invent. To design. To collaborate. To build. To transform businesses and empower people around the world to do more, faster and better than before. Imagine what you can do and experience. This is where you can do your best work. /ppLearn more at a iongroup.com /a. /ppbYour role /b /ppbYour duties and responsibilities /b /polliWork with cloud platform teams to design, develop, debug and support platforms, services and application workspaces. /liliWork with the application teams to design, develop, debug and support new cloud-native applications and migrate existing applications to the cloud. /liliRegularly evaluate the best cloud applications, hardware, and practices to keep the ION Cloud up to date with the best of breed available in the industry. /liliMaintain strong and continuous engagement with security SMEs internally and externally to ensure the ION Cloud architecture and operating model is up to the top security standards. /liliWork with stakeholders to understand customers' needs and to implement the cloud strategies accordingly. /li /olpbOther duties /b /ppWe might ask you to perform other tasks and duties as your role expands. /ppbYour skills, experience, and qualifications /b /ppbSkills /b /polliAuthentication/authorization implementations. /liliApplication of encryption at rest and in transit. /liliCertificates/secrets implementations. /liliImplementing security in public clouds (AWS, Azure, GCP), with at least 3 years specific experience in either AWS or Azure. /liliSecure microservices architectures in a cloud-native environment. /liliUnderstanding of networking. /liliKnowledge of different deployment models (Container, Serverless, Cloud, PaaS, IaaS …). /liliAbility to work with diverse, remote, and distributed teams across multiple regions and time zones. /liliSSDLC practices in DevOps, CI/CD environment. /liliOWASP Top 10, SANS CWE, OpenSAMM, BSIMM, etc. /liliPenetration testing, vulnerability scanning. /liliImplementation of security monitoring tools. /liliImplementing pipelines that make use of SCA, SAST, DAST, IAST and RASP solutions. /li /olpbQualifications /b /polliSANS/SEC-540: Cloud Security and DevSecOps Automation. /liliSystems Security Certified Practitioner (SSCP). /liliCertified Information Systems Security Professional (CISSP). /liliCertified Authorization Professional (CAP). /liliCertified Secure Software Lifecycle Professional (CSSLP). /liliHealthCare Information Security and Privacy Practitioner (HCISPP). /li /olpbExperience /b /polliExperience in Threat Modeling. /liliA proven track record as engineer and consultant, capable of working directly with teams, embedded in the delivery model. /liliExperience with Kubernetes, Openshift, Service Mesh. /liliExperience with clouds (AWS, Azure, GCP). /liliExperience with getting or maintaining certified standards (i.e. ISO 27001, PCI DSS, MIL-SPEC). /li /olpbExample technologies /b /polliIAM: Key Cloak, ForgeRock, Okta, Azure Active Directory B2C, x509 Mutual TLS (OpenId Connect/OIDC/SAML). /liliSecrets: AWS KMS/AWS Secrets Manager, Azure Key Vault, Hashicorp Vault, CyberArk Conjur. /liliCode security tools: SonarQube, BlackDuck, Veracode, Snyk. /liliContainer security tools: Aquasec, Twistlock, Clare, Qualys, Sysdig. /liliCloud security tools: Rapid7, Netskope, AWS Security Hub, Azure Security Center, GCP Cloud Security Command Center. /liliCloud platforms: AWS, Azure, GCP. /liliContainer platforms: OpenShift, Kubernetes, Swarm. /liliCI/CD platforms: Jenkins, Spinnaker, Argo CD, Azure DevOps, AWS CodeStar, GCP Cloud Build. /liliArtifact platforms: Nexus, Artifactory. /liliLanguages: Bash, PowerShell, Python, a Node.js /a, Go, Rust, Java. /liliOrchestration tools: Terraform, Pulumi, CloudFormation templates, ARM templates, GCP Deployment Manager templates. /liliConfiguration management tools: Ansible, Chef, Puppet, Salt. /li /olpbContract and locations /b /pp· Contract Type: Full-time, permanent contract. /pp· Locations: London, Milan, Pisa, Parma. /ppbImportant notes (Italy) /b /ppAccording to the Italian Law (L.68/99) Please note that candidates from the disability list will be given priority. /ppDue to the high volume of applications, only those candidates that meet the required criteria for selection will be contacted. /ppIf you’re from a non-EU country, you must have a valid EU visa or work permit. /p #J-18808-Ljbffr