Software Security Expert
Thales Group
před 1 dnem

Location : Praha, CzechiaThales people architect identity management and data protection solutions at the heart of digital security.

Business and governments rely on us to bring trust to the billons of digital interactions they have with people. Our technologies and services help banks exchange funds, people cross borders, energy become smarter and much more.

More than 30,000 organizations already rely on us to verify the identities of people and things, grant access to digital services, analyze vast quantities of information and encrypt data to make the connected world more secure.

Thales in the Czech Republic employs over 400 people from 45 different nationalities. A total of 15 teams work on projects for government agencies, banking, mobile services and the Internet Of Things (IoT) technology.

At the core of our business is the development of software which we configure and embed in a multitude of different devices and form factors.

These include many kinds of payment cards, SIM cards, travel passes, secure eBanking devices, authentication tokens, machine identification modules (MIM), and secure ID documents including ePassports, eID and eHealth cards, as well as eDriving licenses.

Because of the international environment surrounding us every day, it comes as no surprise that English is our official corporate language.

Software Security Expert

Security Experts are IBS Engineering cybersecurity specialists. They are accountable for customer asset protection and for overall IBS cybersecurity risks.

Their main goals is to ensure that cybersecurity and personal data protection risks for all products and solutions delivered by IBS Engineering Centers (Delivery Centers and Product Lines) are managed in compliance with Thales DIS policies.

As such, they have authority over security decisions made for all products and solutions developed by IBS Engineering teams.

Security experts oversee products and solutions security and provide support and cybersecurity expertise to all IBS organizations and beyond :

  • Sales and bid management teams
  • Product marketing product owners,
  • Product and solution architects,
  • Security architects (SSA) in the engineering centers,
  • Project managers and quality assurance officers,
  • Thales DIS central security teams,
  • 1.1 Main missions

    Security experts main objective is to ensure that IBS products and solutions cybersecurity and personal data protection risks are managed according to Thales DIS rules.

    The scope of their responsibility encompasses the entire IBS products portfolio, as well as all IBS customer solutions.

    They guarantee the consistency of the application of the Software Security Assurance Process across IBS engineering centers and are in charge of cybersecurity governance, security audits and waiver validation.

    They support Thales DIS software security assurance governance and improvement plans through contributions to the Software Security Group.

    They manage the IBS security community with the objective to build and grow solid and sustainable cybersecurity foundations for IBS, and to help teams develop the security skills required to fulfill their missions.

    They are responsible for training the SSA.

    They provide security expertise on advanced topics (new technologies, cryptography, security protocols, cloud security, pentests...).

    They are in charge of cultivating a culture of security awareness within IBS, and arranging continuing education of personnel to ensure security policies are adhered to at all times.

    They drive IBS cybersecurity strategy and provide recommendations, in coordination with Thales DIS central security (SSG, CorpSec).

    They are in charge of implementing technology watch on any cybersecurity topic relevant to IBS business.

    1.2 Specific responsibilities

    1.2.1 Operational missions :

  • Provide guidance and expertise to projects security architecture,
  • Take the security lead on key projects (TLOT4, business sensitive),
  • Perform risk assessment on sensitive projects,
  • Validate security waivers,
  • Manage penetration tests,
  • Respond to security crisis and provide thorough post-event analysis,
  • Provide assistance to customer and internal audits,
  • Implement technology watchCybersecurity technologies,New risks and vulnerabilities,
  • Propose and assess new security tools and methodologies.
  • 1.2.2 Governance missions :

  • Deploy the software security assurance and personal data protection processes to new teams,
  • Maintain IBS engineering security dashboard,
  • Establish and monitor security KPI,
  • Consolidate KPI from the engineering centers into the dashboard,
  • Review and audit projects when required.
  • Keep up-to-date on the latest security standards
  • 1.2.3 Support missions :

  • Mentor SSA,
  • Establish IBS security curriculum,
  • Support SSA and teams with the software security process,
  • Support sales and pre-sales teams,
  • Interface with customers when security expertise is required.
  • 1.2.4 Communication missions :

  • Communicate process information to all IBS stakeholders,
  • Organize and manage the security community,
  • Build security training content,
  • Liaise with Thales DIS central security (SSG, CorpSec).
  • 1.2.5 Transverse missions :

  • Contribute to establish Thales DIS software security policies, guidelines / good practices and bring IBS specific requirements into the picture,
  • Contribute to the worldwide security program by defining guidelines, performing trainings, carrying out pilots and selecting security tools,
  • Contribute the Personal Data Protection Working Group.
  • 1.3 Qualifications

  • 5 years experience in the field of cybersecuritySecurity design / architecture, cybersecurity risk assessment and / or penetration testing
  • Strong software development backgroundExperience with development teams to build secure software
  • Knowledge of networking, operating systems and proficiency in at least one development language
  • Solid understanding of security protocols, cryptography, authentication and security standards
  • Security certification (CISSP, GIAC or CEH) would be a plus,
  • Cloud security expertise would be a plus
  • At Thales we provide CAREERS and not only jobs. With Thales employing 80,000 employees in 68 countries our mobility policy enables thousands of employees each year to develop their careers at home and abroad, in their existing areas of expertise or by branching out into new fields.

    Together we believe that embracing flexibility is a smarter way of working. Great journeys start here, apply now!

    Nahlásit tuto nabídku

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Můj e-mail
    Kliknutím na "Pokračovat", souhlasíte s tím, že neuvoo sbírá a zpracovává vaše osobní údaje, které jste poskytli v tomto formuláři, aby vytvořili neuvoo účet a přihlásili vás k odběru emailových upozornění v souladu s naší Ochranou Osobních Údajů . Váš souhlas můžete vzít kdekoliv zpět, následováním těchto kroků .