Lead Cyber Risk Architect

About Luxoft
Luxoft, a DXC Technology Company (NYSE: DXC), is a digital strategy and software engineering firm providing bespoke technology solutions that drive business change for customers the world over. Acquired by U.S. company DXC Technology in 2019, Luxoft is a global operation in 44 cities and 23 countries with an international, agile workforce of nearly 18,000 people. It combines a unique blend of engineering excellence and deep industry expertise, helping over 425 global clients innovate in the areas of automotive, financial services, travel and hospitality, healthcare, life sciences, media and telecommunications. DXC Technology is a leading Fortune 500 IT services company which helps global companies run their mission critical systems. Together, DXC and Luxoft offer a differentiated customer-value proposition for digital transformation by combining Luxoft’s front-end digital capabilities with DXC’s expertise in IT modernization and integration. Follow our profile for regular updates and insights into technology and business needs.
​​​​​​​Luxoft Romania has been established since 2001. We currently have approximately 2500 employees working from different locations in the country.

Mandatory Skills Description:

• Bachelor's degree in Computer Science, Computer Engineering, or Information Systems degree (preferred)
• 5-7 years of progressive cybersecurity experience
• Experience with information security governance in an enterprise setting
• Familiarity with cyber security architecture using trusted computing model
• Working knowledge of security services such as encryption, authentication, and intrusion detection and prevention architectures, Identity & Access Management, application security and network security
• Strong team player - flexible, adaptable and able to work in fast paced environment
• Able to share information, transfer knowledge and expertise to team members
• Ability to search through existing bank resources to identify answers to architecture, process, and organizational questions
• Documented experience with requirements definition and specifications

Nice-to-Have Skills:

• Experience testing software and measuring against documented requirements
• Ability to organize, transform, and report data using Excel
• Strong presentation skills and an ability to develop easy to understand PowerPoint briefs that utilize both text and graphics to relay information
• Working knowledge of IT management frameworks such as Control Objectives for Information and Related Technology (COBIT) and Information Technology Infrastructure Library (ITIL)
• Familiarity with ISO 27001, 27002, and 27005.
• Security auditing to include knowledge of financial industry regulations: Gramm-Leach Bliley Act (GLBA), Payment Card Industry (PCI), and Federal Financial Institutions Examination Council (FFIEC), Monetary Authority of Singapore (MAS)
• Experience working with a Global Financial Institution

Responsibilities:

As a Cyber Risk Architect, the candidate will be responsible for assessing the security architecture design of various applications and platforms within the bank using a risk-based approach to confirm compliance. The candidate, will facilitate the understanding and shaping of end-to-end security strategy, governance, and architecture across IT projects, architectures, and designs. The candidate will also be responsible for assisting in the transition to a more agile environment, executing tasks designed to streamline the enterprise security architecture processes of the bank.

Additionally, the candidate will:

• Engage with other bank elements to assist all security architecture assessment efforts in integrating with Bank's overall IT vision/strategy/architecture
• Support the Lead Cyber Risk Architect on IT security strategic planning, risk analysis and other related topics as necessary
• Follow direction, oversight, advice and guidance to maintain a culture of architectural excellence: 'Do it once, do it right'

• Documented experience assessing/measuring risk
• General understanding of cybersecurity threats, vulnerabilities, protection measures, and technologies faced by organizations
• Knowledge of the cybersecurity industry and techniques applied to both measure and reduce risk
• Excellent team member, able to work well in teams and in a matrix organization
• Strong stakeholder management & communication skills