Lead Information Security Engineer

Job Title

In this role, you will have a chance to

• Lead in IT security reference architecture & strategy definition, design, support and promotion.

• Provide guidance and recommendations for most effective Cloud security controls and promote best practice in hardening applications and fixing identified vulnerabilities

• Perform security assessments of applications and tools to proactively identify security issues or weaknesses and propose adequate cost-effective mitigation and remediation

• Drive necessary evolution in applications and provide guidance on appropriate mitigation, remediation or compensating controls

• Promote compliance with the Secure Development Lifecycle (SDL) touchpoints, to ensure that security, data privacy, and compliance is built-in systematically in all Amadeus software development, by design and by default

• Help building up Cloud security expertise across security community through coaching and sharing expertise

• Communicate on security requirements and improve security awareness within the software development teams

• Ensure proposed solutions are feasible, cost effective, in-line with Amadeus security standards, and will be considered compliant by external auditors

• Facilitate the implementation of corporate, transversal security initiatives

• Facilitate incident management, support investigations and help recover from security threats

• Manage and mitigate security risks with stakeholders

• Contribute to enriching R&D risk map and inventory, and actively reduce risk of identified weaknesses

• Contribute to building and maintaining inventory of products, applications, and tools

• Prevent security risks through internal audits, training and awareness programs.

• Contribute to IT security awareness promotion

About the ideal candidate

• Engineering degree

• Minimum of 5 years of experience in security architect

• Good interpersonal skills

• Proactive, rigorous and detail-oriented

• Full working proficiency in English (required)

Are you the one we’re looking for? Apply now.

What we can offer you

🎯 A critical mission and purpose - At Amadeus, you will be powering the future of travel and pursuing a critical mission and extraordinary purpose.

🌎 A truly global DNA - Everything at Amadeus is global, from our people to our business, which translates into our footprint, processes, and culture.

🎓 Great opportunities to learn - Learning happens all the time and in many ways at Amadeus, through on-the-job training, formal learning activities, and day-to-day interactions with colleagues.

🤗 A caring environment - Amadeus fosters a caring environment, nurturing both a fulfilling career and personal and family life. We care about our employees and strive to provide a supportive work environment.

💰 A complete rewards offer - Amadeus provides attractive remuneration packages, covering all essential components of a competitive reward offer, including salary, bonus, equity, and benefits.

🌟 A flexible working model - We want our employees to do their best work, wherever and however it works best for them.

🌈 A diverse and inclusive community - We are committed to leveraging our uniquely diverse population to drive innovation, creativity, and collaboration across our organization.

📈 A Reliable Company - Trust and reliability are fundamental values that drive our actions and shape long-lasting relationships with our customers, partners, and employees.

Business Environment

The Application Security Office is one of the two domain security offices in Amadeus. It covers the security and compliance of all software developed by Amadeus, whether applications or internal tools, or platform components. We work hand-in-hand with the Platform & Infrastructure security office to cover the entire technical stack.

Objectives focus on ensuring that existing and new developments are made sufficiently robust, against both exploitation of potential vulnerabilities and fraudulent misuse, and that compliance is maintained with all applicable legislation and industry regulations or standards (such as PCI DSS, GDPR, SOC1/SOC2 and ISO 27K).

The Application Security Office plays a highly transversal role and has multiple reporting lines, within R&D and to the Amadeus CISO (Chief Information Security Officer), and others to the PCI DSS and other corporate compliance programs. Constructive collaboration with all other security actors in the company is essential.

#LI-EMEA

Diversity & Inclusion

Amadeus is an Equal Employment Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, childbirth, or a related medical condition), ancestry, national origin, age, genetic information, military or veterans status, sexual orientation, gender expression, perception, or identity, marital status, mental or physical disability status, or any other protected federal, state, or local status unrelated to performance of work involved.

Amadeus endeavors to make https://jobs.amadeus.com/ accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process for Amadeus France, please contact us at accommodations.france@amadeus.com. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.