Finaro is a leading provider in the new emerging Fintech world. Guided by our vision, we create innovative, smart, and simple payments and financial solutions, providing merchants and consumers all around the world with a unified omnichannel payment platform.
At Finaro we work as one to design, develop and launch new products and services. Join our fast growing team and be part of tomorrow’s payment solutions.
As part of our continued growth, we're looking for an Information Security Architect.
Key Roles and Responsibilities:
- Play key role in product & system design, reviews and solution architecture, and provide security guidelines, all in a highly regulated ecosystem.
- Control and manage mitigation plan implementation as part of the above security guidelines
- Identify, research, explore, and lead the evaluation and implementation of new security controls for the required business projects
- Work closely with the product team to enhance Finaro’s product security
- Work with IT teams on new innovative infrastructure projects, including VM environments, network infrastructure, storage systems, DB platforms, and cloud environments, and provide security guidance for all related fields and layers respectively
- Work with R&D teams to enhance application security within Finaro software
- Experience as an information security architect in a financial company
- At least 3-5 years in Information Security roles
- Experience in leading Information Security projects from initiation to delivery, including RFI/RFP phases, SOW definition, plan, integration, and full delivery
- Experience with OS security, mainly Linux
- Experience with information security systems including Network firewalls, IDS/IPS, WAF, Multi-Factor Authentication platforms, VPN systems, Central anti-virus systems, etc.
- Experience with cloud infrastructure/cloud security (mainly AWS)
- Experience with open-source tools and platforms
- Excellent English (both speaking and writing)
- Required: CCNA, advantage: CISSP and/or CSSLP certification
- Experience with web & application security, familiar with OWASP frameworks, solutions and initiatives
- Experience with database security, mainly Oracle, MySql, and PostgreSQL
- Experience with security projects such as Static Code Analysis, DB Firewall, and CASB implementations
- Experience with offensive security and penetration testing tools