Cedacri is part of ION Group, a community of visionary innovators, dedicated to providing pioneering software and consultancy services to financial institutions, trading firms, central banks, governments, and corporations around the world. We strive to simplify the way people work. We do that by providing workflow and process automation software, as well as providing real-time data and business intelligence to help people make better decisions. We are 13,000+ employees, 60+ global offices, and over 4,800+ customers worldwide.
For the strengthening of the Architecture and Innovation Unit, we are looking for brilliant professionals with proved experience in complex environments, preferably banking/finance, to join the Application Security team. The ideal candidate will experience a dynamic, fast-paced and innovative environment, and will contribute to define the best architectural solution, while maintaining and evolving the current infrastructure.
Your duties and responsibilities
• define and manage application security standards and policies, including frameworks, technology stacks, integration patterns, reference architecture and common components
• work with the IT management and the CISO office to verify the application of the standards developed and obtain feedback with a view to continuous improvement
• support the dev teams in the application of reference architectures and security policies to ongoing projects
• support the dev teams in the resolution of vulnerabilities detected by the SAST/SCA/DAST scanning tools
• support the CISO office for application security issues
• analyze the new vulnerabilities found and support the dev teams as well as the infrastructural areas in resolving them
• analyze the main technological and innovation market trends in order to support corporate decisions in the field of application security
We might ask you to perform other tasks and duties as your role expands.
Your skills, experience, and qualifications required
• Degree in computer science
• Minimum 5 years of experience as Security Analyst and/or Developer
• Strong relational and people management skills and flexibility to work under pressure
• Ability to analyze complex information from many different sources
• Analytical, structured and method-oriented approach with a strong attention to detail
• Ability to translate the organization's strategy / needs into IT architecture requirements
• OS (Windows / Linux, specifically Red Hat) and Microsoft Office Suite
• Scripting solutions (Powershell / Bash / Python etc)
• Experience in the design of web APIs that respect the REST paradigm, in the main tools for defining and documenting the API (eg Swagger) and in the relative specifications (OpenAPI Specification)
• In-depth knowledge of OAuth2 and OpenID Connect standards
• Knowledge of the main standards and web interfaces, both server-side (eg HTTP protocol, WebSocket protocol) and client-side (eg web API CORS, DOM, WebAuthn, Web Workers)
• Knowledge of the major cloud service providers (AWS, Azure, Google)
• Knowledge of microservices architectures (MSA), based in particular on Docker and Kubernetes
• Experience in the use of the main static and dynamic code analysis tools
• C1 English level knowledge
What we offer:
Permanent employment contract
Collecchio (PR) - Assago (MI) - Verona (VR) - Castellazzo B.da (AL) - Roma (RM) - Bari (BA)
According to the Italian Law (L.68/99) please note that candidates from the disability list will be given priority.