Cloud Security and Compliance Architect

Location: Warsaw, PL

You will join the Software-as-a-Service Innovation team, key to the success and growth of the Client Services department at SimCorp.  

The SaaS Innovation team itself has colleagues around the world and is very used to collaborating across locations and time zones.  

 

You will coordinate the modernization of compliance in SimCorp and help to make the rest of the company understand that security and compliance work can be fun. 

 

You will own the design of the service and underlying DevOps processes in the following areas:  

  • Identity and Access Management (IAM)  

  • Data Loss/Leak Prevention (DLP)  

  • Security Operations Center (SOC)  

Additionally, you will develop our future journey into continuous compliance for our SaaS services based on compliance checks-as-code, OSCAL, embedded into our cloud DevOps pipelines.  

 

Your responsibilities:  

  • Create, implement, and maintain cloud-specific security & compliance policies, standards, and procedures as appropriate for our cloud environment in partnership with key stakeholders  

  • Help ensure alignment between different SaaS service lines   

  • Guide and review the technical implementation of new upcoming SaaS services 

  • Guide and review threat analysis models made by new SaaS teams  

  • Assist in defining scopes for penetration tests  

  • Gather and supervise requirements from our security and compliance SMEs, developers, SRE engineers, operators, and other internal and external stakeholders   

  • Collaborate with the office of the CISO as well as external auditors   

  • Improve and refine our implementation of end-to-end SOC2 compliance   

  • Act as subject matter expert and support business and operations teams in all aspects of cloud security  

  • Continuous improvements of the areas that you own 

Your qualifications:  

  • Significant experience in a similar role  

  • Good understanding of Configuration as code   

  • Professional security architecture experience of cloud services (e.g. Microsoft Azure, knowledge of security compliance and information rights management)  

  • Knowledge and experience with at least one of the security standards/frameworks, e.g., NIST, CIS, CSA Cloud Control Matrix (CCM)   

  • Experience with SIEM tools, e.g. Azure Sentinel  

  • Experience with threat modeling and pentests 

  • Experience with implementing Zero-Trust architectures  

  • Ability to translate business requirements into technical solutions  

  • Fluent English  

Benefits: 

  • Flexible working hours – possibility to work from home 

  • Private medical care (Medicover) 

  • Sharing the costs of sports activities (Multisport Card) 

  • Life insurance 

  • Possibility to develop your career in an international environment 

  • Professional training and courses 

  • Language classes 

  • Integration events and charity projects 

About us: 

SimCorp is a provider of investment management solutions to the world's largest asset managers, fund managers, asset servicers, pension and insurance funds, wealth managers, banks and sovereign wealth funds. 

We celebrate multiple approaches and points of view, together we're building a culture where difference is valued. You will be part of growth and a company that continues to grow, offering a lot of interesting opportunities. 

Visit our career pages to learn why other people choose to work at SimCorp www.simcorp.com/career 

 

#LI-hybrid