You will join the Software-as-a-Service Innovation team, key to the success and growth of the Client Services department at SimCorp.
The SaaS Innovation team itself has colleagues around the world and is very used to collaborating across locations and time zones.
You will coordinate the modernization of compliance in SimCorp and help to make the rest of the company understand that security and compliance work can be fun.
You will own the design of the service and underlying DevOps processes in the following areas:
Identity and Access Management (IAM)
Data Loss/Leak Prevention (DLP)
Security Operations Center (SOC)
Additionally, you will develop our future journey into continuous compliance for our SaaS services based on compliance checks-as-code, OSCAL, embedded into our cloud DevOps pipelines.
Create, implement, and maintain cloud-specific security & compliance policies, standards, and procedures as appropriate for our cloud environment in partnership with key stakeholders
Help ensure alignment between different SaaS service lines
Guide and review the technical implementation of new upcoming SaaS services
Guide and review threat analysis models made by new SaaS teams
Assist in defining scopes for penetration tests
Gather and supervise requirements from our security and compliance SMEs, developers, SRE engineers, operators, and other internal and external stakeholders
Collaborate with the office of the CISO as well as external auditors
Improve and refine our implementation of end-to-end SOC2 compliance
Act as subject matter expert and support business and operations teams in all aspects of cloud security
Continuous improvements of the areas that you own
Significant experience in a similar role
Good understanding of Configuration as code
Professional security architecture experience of cloud services (e.g. Microsoft Azure, knowledge of security compliance and information rights management)
Knowledge and experience with at least one of the security standards/frameworks, e.g., NIST, CIS, CSA Cloud Control Matrix (CCM)
Experience with SIEM tools, e.g. Azure Sentinel
Experience with threat modeling and pentests
Experience with implementing Zero-Trust architectures
Ability to translate business requirements into technical solutions
Flexible working hours – possibility to work from home
Private medical care (Medicover)
Sharing the costs of sports activities (Multisport Card)
Possibility to develop your career in an international environment
Professional training and courses
Integration events and charity projects
SimCorp is a provider of investment management solutions to the world's largest asset managers, fund managers, asset servicers, pension and insurance funds, wealth managers, banks and sovereign wealth funds.
We celebrate multiple approaches and points of view, together we're building a culture where difference is valued. You will be part of growth and a company that continues to grow, offering a lot of interesting opportunities.
Visit our career pages to learn why other people choose to work at SimCorp www.simcorp.com/career