Senior Cybersecurity Engineer
The Bank for International Settlements (BIS)
This job has now expired please search on the home page to find live IT Jobs.
Our mission is to serve central banks in their pursuit of monetary and financial stability, to foster international cooperation in those areas and to act as a bank for central banks.
Established in 1930, the BIS is owned by 62 central banks, representing countries from around the world that together account for about 95% of world GDP. Its head office is in Basel, Switzerland and it has two representative offices: in Hong Kong SAR and in Mexico City.
As a senior security specialist in the Security Governance and Assurance unit, you will:
Design, engineer and operate the Bank's vulnerability management program (security testing, vulnerability scanning...), both for on-premises IT and the cloud
Contribute to the definition of security standards (e.g. cryptography standards) and the monitoring of them
Procure, run and report on security testing campaign ranging from phishing campaigns to red team exercises
Work closely with the Security Engineering team and the cyber operations team for a cohesive implementation of security controls and their monitoring
Contribute to security risk assessment of key change initiatives
Champion automation of controls with Security Governance and Assurances
Promote security by design in software development life-cycle
Strong understanding of security concepts both at the policy and the engineering level, in particular in the areas of vulnerability management
Solid understanding of virtualisation technologies, next-generation firewalls, Windows server and client environments, Linux and Microsoft Azure
Able to automate controls using scripting. Practical experience of PowerShell and/or another major programming language (e.g. Python) are strong assets
Good understanding of (sec) DevOps concepts and how to coach software development teams in maturing their understanding of secure coding
Ability to frame security controls in broader framework such as NIST CSF
Knowledge of SWIFT CSP is an asset
Technical professional certifications in cloud technologies, penetration testing and/or security assurance are assets
Fluent in English
Committed to continuous education and technical learning
University degree or equivalent experience
The BIS is fully committed to equal opportunity employment and strives for diversity among its staff