Join our team at Backbase, one of the LinkedIn Top Companies of 2023 in the Netherlands! We're known for our great work environment and providing opportunities for career growth. We’re also committed to fostering a culture of collaboration, innovation, and growth. As a member of our team, you'll have the chance to work with some of the brightest and most talented people in the industry, as well as help shape the future of digital banking. Come join us and be part of something special.
As an Identity and Security Architect, it’s your job to ensure that envisaged solutions become reality. Taking this client-facing role, you are equally comfortable in deep-dive security workshops and in board-level sales presentations. Having earned your stripes in designing modern security architecture, you have no problem finding the scope in large-scale, complex projects. millions of users and their banking data safe and secure.
What you'll do
You will be the go-to-person for all Identity and Security related topics in a Backbase Engagement Banking Platform implementation. You will work alongside our Solution Architects and multidisciplinary implementation teams to gather requirements, design and implement modern, standards-based security solutions; positioning and integrating our own IAM product (Backbase Identity) in complex banking environments.
Your day-to-day responsibilities will include leading security workshop sessions, refinements and providing guidance to both our customers and our internal organization. We are looking for someone who is able to inspire and motivate customers and colleagues alike, asking the right questions and translating business requirements into actionable designs.
You understand modern authentication flows and the demands of digitally-able end customers. You will educate customers on how to leverage best-in-class security patterns to ensure smooth end user experience, including passwordless authentication.
You will take the lead in advising customers and peers regarding defensible, zero-trust architecture. You will play a key role during penetration testing cycles by understanding, triaging and mitigating items uncovered.
As part of a product company, you will also work as the bridge between R&D and our customers, ensuring that field feedback is captured and new features / improvements are seen through to completion and adopted by product.
Who you are
To the development team, you are the vital mainstay during processes of implementation. To customers and partners, you are the expert liaison with a keen feel for their needs. So besides being a great architect, you are also a considerate companion who delivers remarkable results on a continuous basis. You have a hacker mindset and always strive to think like an attacker.
In order to really own this role, we think you’ll need:
● Excellent understanding of IAM, application security and cloud security domains;
● Successful track record delivering security and identity workshops;
● Extensive experience in guiding customers towards a modern and secure architecture;
● Comfortable speaking to a technical audience as well as board-level management roles;
● Collaborative and pragmatic approach to balancing the demands of security, functional, non-functional and user experience objectives;
● Bachelor's degree in Computer Science, Information Security, Cyber Security or equivalent;
● Expert understanding of modern authentication flows such as FIDO, OIDC and OAuth 2.0;
● Ability to deal with security architecture related discussions in public cloud ecosystems as well as in hybrid infrastructure.;
● Last but not least, you have excellent communication and presentation skills in English.
We’ll be delighted if you bring experience in the following topics but otherwise these would be opportunities for you to grow your knowledge working in Backbase:
● Experience with Standards based Identity and Access Management solutions e.g. Keycloak;
● Ability to lead Architecture Risk Analysis and Threat Modelling;
● Experience working and integrating with multiple Identity and Access Management solutions, such as Ping, Okta, Keycloak, ForgeRock etc;
● Deep understanding of pen testing web applications and mobile applications;
● Deep understanding of security in the SDLC including a SAST/SCA/DAST/IAST toolset;
● Deep understanding of frontend, backend and mobile security domains;
● Deep understanding of relevant, security sensitive regulations such as GDPR, PSD2 and PCI-DSS;
● Deep understanding of cloud-native technologies, such as Kubernetes;
● One or more security certifications such as CSSLP, CISSP, OSCP, GWEB;
● Banking domain knowledge.