Information Security Architect

Job Title

Purpose of the role

Amadeus Self-Service is a set of hardware and software deployed in airports, enabling passengers to proceed through airport touchpoints with little-to-no agent assistance. By the nature of the data accessed and criticality of business continuity, Self-Service platform and applications must have best of the breed security in its DNA. To ensure that the highest security standards are reached and maintained, a very exciting Security Engineer/SecDevOps position is opened, with the following purpose:

• Help consolidate and standardize the security components of our systems.
• Create, implement automation solutions that close existing security holes.
• Implement and automate vulnerability scanning, patching solutions to bring teams to the next level.
• Help Self-Service teams to align with Amadeus security policies and be the link with the CISO office in Amadeus.
• Stay abreast of new developments in IT security and ensure Self-Service teams respond in a timely manner.
• Is recognized as the reference in his/her area of expertise. Highly specialized knowledge to plan, coordinate and implement solutions in the area.​
• Shares his/her knowledge through specialized training sessions, provides guidance to decision-makers and makes recommendations on the strategic orientation and evolution of his/her area of expertise. ​
• Works with a high level of autonomy, based on management directions 

Main Responsibilities:

As part of the Self-Service security team, you will be involved or directly accountable for the following activities:

- Technical Function

• Set up security cloud and on-premise infrastructure: AWS network rules, WAFs, security groups, IAM policies, etc.
• Develop, implement, maintain the Information Security Program including computer security and emergency measures policies and procedures.                  
• Set up/update/maintain security alerts using data available from Operational monitoring tools (e.g. SCADA, AgentPortal, PRTG, CloudWatch, RabbitMQ, Elastic, RealTimeHub etc)                                                                                                                
• Implement and enhance security tooling+ automation including automatic alerting and integration to 3rd party tools customized to high tech products
• Company policies: Maintain company security policies
• Source Code Application Scan: Secure code reviews, proper scan tools followed as part of the CI/CD pipeline and tracking of identified issues
• Co-ordinate Penetration Testing: Help Raise and/or co-ordinate pen test per procedure for all product lines handling Personal information, credit cards or other sensitive customer/corporate data.
• Promote Security Culture/Awareness: Promote, advise and raise awareness on security issues to the team.
• Encrypt data transmissions and erect firewalls to conceal confidential information as it is being transmitted and to keep out tainted digital transfers.
• Modify computer security files to incorporate new software, correct errors, or change individual access status.
• Public Attack Surface protection: Help protect Amadeus from new and emerging threats
• Automate the daily manual tasks.
• Helping answer Questionnaires to support tenders and compliance requirements.

- Security Development Lifecycle (SDL)

• Identification of security requirements for various software products
• Manage Security backlog for various software products
• Setup and oversee ongoing Source Code and Binary Scans
• Keep compliance documentation up to date for annual audit and reporting
• Work with Amadeus CISO and BISO teams to complete Attestation of Compliance (AoC).

- Business Knowledge

• Respond to clients security requests in non-standard situations, investigating all the facts.
• Understand the key business drivers and applies this knowledge to own work.
• Respond to tenders for security related questionnaire
• Advise and support General Management in all information security related matters, alerting to risks and proposing solutions to minimize them.

- Procedural Knowledge

• Ensure security deliverables meet the required Amadeus quality standards.
• Effectively apply required security procedures and methodologies.
• Monitor the Information Security Program effectiveness and update as necessary.
• Monitor current reports of computer viruses to determine when to update virus protection systems.
• Knowledge sharing and upskilling of Amadeus staff in security issues

- Working with others

• Work cooperatively to achieve team goals making constructive suggestions to move things forward.
• Build stable and useful working relationships with others outside the immediate area of work.

- Skills Development

• Develop ability to solve complex problems.
• Demonstrate competence in own area, completing own role independently or with minimal supervision/ guidance.
• Continued development of technical capability. 

Experience Required

• 10+ years in Software Security as a security analyst/coordinator/engineer/expert. In several of the following areas: 
  • Security project coordination & planning experience - or involvement with such
  • Passion and knowledge about application & infrastructure security
  • Software developer security coaching and support for fixing found vulnerabilities in code as well as in the infrastructure  architecture.
  • Defensive secure development training delivery
  • Secure Development Lifecycle (SDL, SSDLC, BSIMM, OWASP SAMM or other similar) knowledge/awareness & scan-ner/sectools deployment/take-up experience
  • Security tool hands on experience (fortigate firewalls, fortify, qualys, protocode, sonarqube are a plus)
• Ability to work in a globally matrixed and complex organization
• 'Managing and setting up cloud-based software infrastructure
• Automation, modern logging, alerting and reporting systems.
• Good communication skills
• Follow latest trends and developments in own field and adapt these in own job/organization
• Support management with resources budget and planning, people’s assessment and coaching.

Diversity & Inclusion

We are an Equal Opportunity Employer and seek to hire the best candidate regardless of age, beliefs, disability, ethnicity, gender or sexual orientation.