WELCOME TO THE WORLD OF OPPORTUNITY!
Wizz Air is the fastest growing and greenest European low-cost airline, operating a fleet of 134 Airbus A320 and A321 aircraft. A team of dedicated aviation professionals delivers superior service and very low fares, making Wizz Air the preferred choice of 40 million passengers in the financial year F20 ending 31 March 2020. Wizz Air is listed on the London Stock Exchange under the ticker WIZZ. The company was recently named one of the world’s top ten safest airlines by airlineratings.com, the world’s only safety and product rating agency, and 2020 Airline of the Year by ATW, the most coveted honour an airline or individual can receive, recognizing individuals and organizations that have distinguished themselves through outstanding performance, innovation, and superior service.
Manager for Cyber and Web Security
Purpose of the position:
The purpose of this position is to provide technical leadership and consulting to IT Innovation both the web development and mobile app development teams to ensure that web / mobile applications solutions are developed in accordance with sound architectural principles, policies, regulatory requirements, standards (such as PCI DSS) security and privacy (GDPR) in mind.
- Conduct threat modelling regarding the required products / products’ features
- Advise on security related matters regarding the web and mobile development practice / process / applied technics
- Develop and introduce security KPIs, measures to the development pipeline, provides figures for the Cyber security dashboard / Control center
- Ensure the secure by design approach
- Lead security testing across build and release pipeline (including finding categorization / prioritization, and remediation process development)
- Organize regular secure code training
- Evaluate penetration test findings and advises resolutions
- Maintain working knowledge of technology security, compliance requirements and industry trends.
- Research, validate, and deploy solutions meeting security and business needs.
- Assist with development of security standards, policies, procedures, and processes (Develop and maintain Secure development life cycle).
- Possess an agile focus across technology and security architecture, automation, integration, and distribution.
- Collaborate with product owners, and software engineers to drive implementation of new applications.
- Evaluate proposed alterations to the infrastructure to ensure compliance with regulations and best practices.
- Guide the company on proper implementation of security solutions.
- Experience implementing and integrating security tools into CI/CD.
- Experience in driving effective implementation and adoption of Security Development Lifecycle (SDL) and software maturity model.
- Experience in building security processes, document important security tasks, develop procedures, policies, and process flow.
- Experience as a technical lead or architect.
- Familiarity with common application and network protocols, cryptographic technologies, public key infrastructure, common security threats, such as attack techniques, evasive techniques, and preventative & defensive methods.
- Awareness of regulatory and industry standards; GDPR, PCI, NIST, CIS/SANS 20, ISO 27xxx, etc.
- Experience in designing, documenting and implementing complex technical architecture.
- CEH/CPT, or CISSP or CSSLP Certification and one of GWEB, or Secure Development Cert or equivalent certification is an advantage
- 4 years of application security experience and 4 years of Security Architecture or Consulting experience.
- IT Operation, Telecommunication
- Network and System Engineer
- IT Security
- 3-5 years professional experience
- College degree
Required language level:
- English (higher advanced/fit for negotiation)
- Full time
How to apply/ contact information:
Apply via "Jelentkezem" button underneath!