Empresa:
act digital
Descrição da Função
The missions are as follows:
• Define security requirements and strategy for Data security and Cryptography for the Group
• Support subsidiaries in considering data security and cryptography measures.
• Analyze and evaluate security risks, their impacts and propose complementary measures.
• Participate in technical POCs on data security and cryptography solutions (including emerging technologies - innovation).
• Carry out a technological watch and contribute to the development of the security community within the bank.
Data Security & cryptography is a team of cybersecurity experts who play key roles defining requirements in topics such as: data security at rest, in transit, data masking, service on data protection/encryption in the private, public and hybrid cloud (O365 and Azure, IBM cloud, AWS), security of cryptographic keys (CKMS, HSM, secret management), digital signature, security of environments used by Data scientists (Data lab, Big data), evaluation of privacy enhanced computing (homomorphic encryption, ABE, SSE ), the arrival of post-quantum cryptography (crypto-agility, crypto-inventory).
Main Tasks:
• Assessment of robustness of designs and data protection mechanisms and keys
• Defining guidelines for the usage of Blockchain within the Bank.
• Collaboration in group's cryptographic and data security expert's stream
• Project orientation towards the best techniques for data security depending on the case (cryptography, anonymization techniques, masking)
• Performing risk analysis, proposing countermeasures.
• Definition of security requirements for cryptography & data security
• Proposals for approaches to inventory of cryptographic assets in the group, and crypto agility
Technical Skills:
• IT Risk and Cyber Security
• Knowledge of Cryptography concepts and algorithms and their application within an Enterprise
• Knowledge of Quantum Computing Fundamentals and its implications on IT and security
• General knowledge of the Cybersecurity landscape in general and its current state of the art
• Familiarity with Security Control Frameworks such as ISO27k1, NIST or CIS
Language Skills:
• English (Mandatory)
Observações
Lisboa (Portugal)