Senior Information Security Specialist

Job Title

• Summary:

• The information security officer will mainly deal with Information Security Assets protection in deep technical environment. The person will Identify and assess potential security risks in the Cloud Operations Development, Test and Production environments and evaluate, specify, and propose appropriate organizational, procedural and technical security measures to mitigate the risk of a compromise of Amadeus assets impacting the availability, confidentiality and integrity of Amadeus services and data, corporate image or Amadeus brand.

• He / she will ensure Information Security is integrated into Amadeus Operations activities. Ensure Compliance obligations are met always.

  Support Amadeus business requirements and manage information, services and infrastructure risks.

  Ensure risks are treated in a consistent and effective manner.

  Keep up to date with Information Security and Compliance trends.

  Promote responsible security behaviour at Amadeus.

  Able to list cloud specific security requirements for each implementation scenario.

• Main Responsibilities
  With focus on public cloud implementations, he / she will:
  • Perform ideation, analysis, planning, Implementations & Remediation for Azure Policies / AWS Config
  • BAU and Operational Tasks for Azure Policies / AWS Config with appropriate documentation
  • Determine security gaps in cloud infra / setup
  • Translate Cloud related Risks and Issues and determine action plan for mitigation
  •  Identify and assess potential security risks in the Amadeus Operations Test, Development and Production environments.
  • Evaluate, specify and propose appropriate organizational, procedural and technical security measures to mitigate the risk of a compromise to Amadeus assets impacting the availability, confidentiality and integrity of Amadeus services and data, corporate image or Amadeus brand.
  • Support and track items relevant to Risk Mitigation.
  • Regularly review, assess and validate effectiveness of all controls.
  • Regularly review the compliance of implemented security policies, procedures and measures.
  • Analyse and control areas of responsibility affecting risk, security and compliance as well as conducting a performance review.
  • Handle Change Management Process

• Skills & Knowledge – Technical / Functional and Managerial

  Good Experience with any 2 of 3 cloud technologies i.e. Azure / AWS / GCP

  Any other Cloud Technology Platform considered a major plus.

• Expertise in cloud security controls
• Must have hands on experience on Cloud Security Architecture review and controls.
• Solid Understanding of Cloud Computing and Infrastructure
• Good understanding of Cloud networking, systems architecture, virtualization, docker containers

• Relevant Job Experience

• Min 5-6 years of experience in Cloud Services / Cloud Security
• 9+ years of IT Security

Education and  Years of Experience

BE, B.Tech or MCA, MSc in Computer Science or equivalent

10+ years of overall experience out of which 4 years + experience should be in in exposure to Cloud Computing, Security and Architecture review.

Must have at least 2-3 certifications of these 6

Azure Admin (Az-104) Azure Security Engineer (Az-500)

AWS Solution Architect Associate AWS Security Specialty

GCP Cloud Engineer GCP Cloud Security Engineer

Good to have Industry Certification in Security (e.g. CISSP, CCSP, CCSK) and basic Scripting knowledge

• Core Technical IT Background
• Good understanding of security and auditing standards (e.g. ISO27000, PCI/DSS, SSAE18 etc.).
• Ability to perform independent assessment of cloud supplier services and evaluations

#LI-KA1

Diversity & Inclusion

Amadeus aspires to be a leader in Diversity, Equity and Inclusion in the tech industry, enabling every employee to reach their full potential by fostering a culture of belonging and fair treatment, attracting the best talent from all backgrounds, and as a role model for an inclusive employee experience.  

Amadeus is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to gender, race, ethnicity, sexual orientation, age, beliefs, disability or any other characteristics protected by law.