(CS) Security Architect

(CS) Security Architect

Join our team at Backbase, one of the LinkedIn Top Companies of 2023 in the Netherlands! We're known for our great work environment and providing opportunities for career growth. We’re also committed to fostering a culture of collaboration, innovation, and growth. As a member of our team, you'll have the chance to work with some of the brightest and most talented people in the industry, as well as help shape the future of digital banking. Come join us and be part of something special.

As an Identity and Security Architect, it’s your job to ensure that envisaged solutions become reality. Taking this client-facing role, you are equally comfortable in deep-dive security workshops and in board-level sales presentations. Having earned your stripes in designing modern security architecture, you have no problem finding the scope in large-scale, complex projects.

What you'll do

You will be the go-to-person for all Identity and Security related topics in a Backbase Engagement Banking Platform implementation. You will work alongside our Solution Architects and multidisciplinary implementation teams to gather requirements, design and implement modern, standards-based security solutions; positioning and integrating our own IAM product (Backbase Identity) in complex banking environments.

Your day-to-day responsibilities will include leading security workshop sessions, refinements and providing guidance to both our customers and our internal organization. We are looking for someone who is able to inspire and motivate customers and colleagues alike, asking the right questions and translating business requirements into actionable designs.

You understand modern authentication flows and the demands of digitally-able end customers. You will educate customers on how to leverage best-in-class security patterns to ensure smooth end user experience, including passwordless authentication.

You will take the lead in advising customers and peers regarding defensible, zero-trust architecture. You will play a key role during penetration testing cycles by understanding, triaging and mitigating items uncovered.
As part of a product company, you will also work as the bridge between R&D and our customers, ensuring that field feedback is captured and new features / improvements are seen through to completion and adopted by product.

Who you are

To the development team, you are the vital mainstay during processes of implementation. To customers and partners, you are the expert liaison with a keen feel for their needs. So besides being a great architect, you are also a considerate companion who delivers remarkable results on a continuous basis. You have a hacker mindset and always strive to think like an attacker.
● Extensive experience in software development and architecture and at least 5+ years of experience in application security;
● Bachelor's degree in Computer Science, Information Security, Cyber Security or equivalent;
● Expert understanding of application security, including modern authentication flows such as FIDO, OIDC and OAuth 2.0;
● Ability to deal with security architecture related discussions in public cloud ecosystems as well hybrid infrastructure.
● Experience working and integrating with multiple Identity and Access Management solutions, such as Ping, Okta, Keycloak, ForgeRock etc;
● Deep understanding of frontend, backend and mobile security domains and you master one of them;
● Expert understanding of security in the SDLC and SAST/SCA/DAST tools;
● Expert understanding of pen testing web applications and mobile applications;
● Drive application security requirements in the product;
● Ability to lead Architecture Risk Analysis and threat modelling;
● Collaborative approach to balancing the demands of security, functional, non-functional and user experience objectives;
● Deep understanding of relevant, security sensitive regulations such as GDPR, PSD2 and PCI-DSS;
● Deep understanding of cloud-native technologies, such as Kubernetes;
● Last but not least, you have excellent communication and presentation skills in English.

We will extra happy if you have:
● Experience with Standards based Identity and Access Management solutions e.g. Keycloak.
● One or more security certifications such as CSSLP, CISSP, OSCP, GWEB;
● Banking domain knowledge.