Senior DevSecOps Engineer

Details

Digital bank robbers are getting smarter and smarter. The need for information security is growing rapidly, especially within the banking sector. As a DevOps Security Wizard, you’ll be part of a team who act as trusted advisors and coaches. Together, you’ll shift security left and embed it into every stage of the DevOps process, co-creating secure banking products from the ground up in a fast-paced, international environment.

Responsibilities

• Collaborate closely with development teams, product owners and other stakeholders across the bank to ensure security is part of the DNA of every product.
• Act as a trusted advisor and coach on security topics; provide guidance on secure design and risk trade-offs.
• Scale business and customer interests against possible security risks and step in when information security is at stake.
• Work with a wide range of technologies and security tooling across infrastructure, platforms and applications.
• Contribute to security assessments, requirements management and implementation in a DevOps way of working.

Requirements

• 5-10 years of experience in IT / Security / Risk Management.
• Education in information science, IT or relevant studies.
• Willingness to learn, an IT background and a security mindset.
• Experience in at least one of: DevOps Security, Threat Modelling or Security Governance.
• Fluent in English (required).

Nice-to-have / further knowledge (explicitly mentioned):

• Development life cycle and platform security knowledge; development pipeline security.
• Threat modeling, container security, AI security and secure coding.
• Migrating workloads from classic datacentres to the cloud.
• Cloud security with a particular focus on Azure and SaaS solutions.
• Understanding of CSA (Cloud Security Alliance) framework implementation.
• Cloud concepts and best practices.
• Security assessment and requirements management in a DevOps way of working.
• Security processes, technologies and architectures such as security configurations, patch management, access control, cryptography, security monitoring, vulnerability management, Identity and Access Management.
• Information Security Risk Management, documentation, (MI) reporting, compliance, policies and standards frameworks and consulting.
• Fluent in Dutch (stated as nice-to-have).
• Soft skills: stakeholder management in a multi-cultural and international environment; strong communication skills, both verbal and written.

Working environment

• You will become part of CISO Technology and Engineering (T&E), part of Corporate Information Security Office (CISO). The CISO department consists of approx. 500 employees; T&E is a multinational team with over 90 employees.
• ABN AMRO’s IT organisation is international; you’ll frequently meet with developers, product owners and grid owners from all business lines.
• The role is a continuous learning environment with a large diversity of tech developments and products.

Benefits

• Monthly salary range: €5,847 - €8,353 (see salary section).
• Competitive total compensation and an attractive employee benefits package.
• Personal development: extensive training and career opportunities; ABN AMRO emphasises personal growth.
• Hybrid working: office in Amstelveen is the home base, Zuidas (Amsterdam) office also available; working part of the week from home is the norm.

How to apply

• Respond to the online vacancy or contact [email protected] if you believe you are a great match even if you don't tick all boxes.

Other notes

• The role emphasises secure-by-design in a DevOps environment and working across multiple technologies and tooling within a large bank.