The people we all rely on to make the world go round – they rely on Thales. Our customers come to us with big ambitions: to make life better, to keep us safer. Combining a unique diversity of expertise, talents, and cultures, our architect's design and deliver extraordinary high technology solutions. Solutions that make tomorrow possible, today. From the bottom of the oceans to the depth of space and cyberspace, we help our customers think smarter and act faster - mastering ever greater complexity and every decisive moment along the way.
In Prague, we specialize in developing smart cards, credit cards, SIM cards, ID Cards or Driving licenses. We also invest heavily in the research of E-government solutions and mobile solutions.
Thales is a great place to work. We have friendly management, which follows matrix organization; we have flexible working hours, home office policy, office breakfasts, where everybody shares the latest news, football team, yoga classes, language courses and much more to help you live and work in a fun encouraging environment!
Software Security Expert
Security Experts are IBS Engineering cybersecurity specialists. They are accountable for customer asset protection and for overall IBS cybersecurity risks. Their main goals are to ensure that cybersecurity and personal data protection risks for all products and solutions delivered by IBS Engineering Centers (Delivery Centers and Product Lines) are managed in compliance with Thales DIS policies. As such, they have authority over security decisions made for all products and solutions developed by IBS Engineering teams.
Security experts oversee products and solutions security and provide support and cybersecurity expertise to all IBS organizations and beyond:
- Sales and bid management teams
- Product marketing product owners,
- Product and solution architects,
- Security architects (SSA) in the engineering centers,
- Project managers and quality assurance officers,
- Thales DIS central security teams,
1.1 Main missions
Security experts main objective is to ensure that IBS products and solutions cybersecurity and personal data protection risks are managed according to Thales DIS rules. The scope of their responsibility encompasses the entire IBS product portfolio, as well as all IBS customer solutions.
They guarantee the consistency of the application of the Software Security Assurance Process across IBS engineering centers and are in charge of cybersecurity governance, security audits, and waiver validation.
They support Thales DIS software security assurance governance and improvement plans through contributions to the Software Security Group.
They manage the IBS security community with the objective to build and grow solid and sustainable cybersecurity foundations for IBS and to help teams develop the security skills required to fulfill their missions. They are responsible for training the SSA.
They provide security expertise on advanced topics (new technologies, cryptography, security protocols, cloud security or penetration tests).
They are in charge of cultivating a culture of security awareness within IBS and arranging continuing education of personnel to ensure security policies are adhered to at all times.
They drive the IBS cybersecurity strategy and provide recommendations, in coordination with Thales DIS central security (SSG, CorpSec). They are in charge of implementing technology watch on any cybersecurity topic relevant to IBS business.
1.2 Specific responsibilities
1.2.1 Operational missions:
- Provide guidance and expertise to projects security architecture,
- Take the security lead on key projects (TLOT4, business-sensitive)
- Perform a risk assessment on sensitive projects,
- Validate security waivers,
- Manage penetration tests,
- Respond to security crisis and provide thorough post-event analysis,
- Provide assistance to customer and internal audits,
- Implement technology watch
- Cybersecurity technologies,
- New risks and vulnerabilities,
- Propose and assess new security tools and methodologies.
1.2.2 Governance missions:
- Deploy the software security assurance and personal data protection processes to new teams,
- Maintain IBS engineering security dashboard,
- Establish and monitor security KPI,
- Consolidate KPI from the engineering centers into the dashboard,
- Review and audit projects when required.
- Keep up-to-date on the latest security standards
1.2.3 Support missions:
- Mentor SSA,
- Establish an IBS security curriculum,
- Support SSA and teams with the software security process,
- Support sales and pre-sales teams,
- Interface with customers when security expertise is required.
1.2.4 Communication missions:
- Communicate process information to all IBS stakeholders,
- Organize and manage the security community,
- Build security training content,
- Liaise with Thales DIS central security (SSG, CorpSec).
1.2.5 Transverse missions:
- Contribute to establish Thales DIS software security policies, guidelines/good practices and bring IBS specific requirements into the picture,
- Contribute to the worldwide security program by defining guidelines, performing training, carrying out pilots and selecting security tools,
- Contribute to the Personal Data Protection Working Group.
- 5 years experience in the field of cybersecurity
- Security design/architecture, cybersecurity risk assessment, and/or penetration testing
- Strong software development background
- Experience with development teams to build secure software
- Knowledge of networking, operating systems, and proficiency in at least one development language
- Solid understanding of security protocols, cryptography, authentication, and security standards
- Security certification (CISSP, GIAC, or CEH) would be a plus,
- Cloud security expertise would be a plus
Informace o pozici
- Thales DIS Czech Republic s.r.o.
- Želetavská 1448/7, Praha – Michle
- Required education: University
- Required languages: English (Advanced)
- Benefits: Car for private purposes, Cell phone, Notebook, Contributions to the pension / life insurance, Flexible start/end of working hours, Transport allowance, Meal tickets / catering allowance, Holidays 5 weeks, Educational courses, training, Refreshments on workplace, Contribution to sport / culture / leisure, Sick days, Occasional work from home, Corporate events, Foreign business trips, Individual budget for personal growth
- Listed in: IS/IT: Consultations, analyses, and project management, IS/IT: System and HW administration, IS/IT: Application and system development, SW architect, IT Consultant, IT Security Specialist
- Employment form
- Employment form: Full-time work
- Contract duration
- Contract duration: Permanent
- Employment contract
- Employment contract: employment contract
- Employer type: Employer