Job Title

Information Security ArchitectBusiness Environment

The Application Security Office is one of the two domain security offices in Amadeus. It covers the security and compliance of all software developed by Amadeus, whether applications or internal tools, or platform components. We work hand-in-hand with the Platform & Infrastructure security office to cover the entire technical stack.

Objectives focus on ensuring that existing and new developments are made sufficiently robust, against both exploitation of potential vulnerabilities and fraudulent misuse, and that compliance is maintained with all applicable legislation and industry regulations or standards (such as PCI DSS, GDPR, SOC1/SOC2 and ISO 27K).

The Application Security Office plays a highly transversal role and has multiple reporting lines, within R&D and to the Amadeus CISO (Chief Information Security Officer), and others to the PCI DSS and other corporate compliance programs. Constructive collaboration with all other security actors in the company is essential.

About the role

Common accountabilities:

• Proficient in technical knowledge to ensure team performs at a high level. Is recognized as a leader in own area
• Understands how main business drivers may impact on own area. Can assess complex problems with broad impact on the activity, improve processes, recommend solutions and risk mitigation plans. Able to communicate complex information
• Works with a high level of autonomy, based on management directions. Leads projects or contributes to broad cross-functional projects. May contribute to planning of resources and budget

Specific accountabilities:

• Lead in IT security reference architecture & strategy definition, design, support and promotion.
• Provide guidance and recommendations for most effective Cloud security controls and promote best practice in hardening applications and fixing identified vulnerabilities
• Perform security assessments of applications and tools to proactively identify security issues or weaknesses and propose adequate cost-effective mitigation and remediation
• Drive necessary evolution in applications and provide guidance on appropriate mitigation, remediation or compensating controls
• Promote compliance with the Secure Development Lifecycle (SDL) touchpoints, to ensure that security, data privacy, and compliance is built-in systematically in all Amadeus software development, by design and by default
• Help building up Cloud security expertise across security community through coaching and sharing expertise
• Communicate on security requirements and improve security awareness within the software development teams
• Ensure proposed solutions are feasible, cost effective, in-line with Amadeus security standards, and will be considered compliant by external auditors
• Facilitate the implementation of corporate, transversal security initiatives
• Facilitate incident management, support investigations and help recover from security threats
• Manage and mitigate security risks with stakeholders
• Contribute to enriching R&D risk map and inventory, and actively reduce risk of identified weaknesses
• Contribute to building and maintaining inventory of products, applications, and tools
• Prevent security risks through internal audits, training and awareness programs.
• Contribute to IT security awareness promotion

About the ideal candidate

• Engineering degree
• Minimum of 5 years of experience in security architect
• Good interpersonal skills
• Proactive, rigorous and detail-oriented
• Full working proficiency in English (required)

Working at Amadeus, you will find

A critical mission and purpose - At Amadeus, you will be powering the future of travel and pursuing a critical mission and extraordinary purpose.

A truly global DNA - Everything at Amadeus is global, from our people to our business, which translates into our footprint, processes, and culture.

Great opportunities to learn - Learning happens all the time and in many ways at Amadeus, through on-the-job training, formal learning activities, and day-to-day interactions with colleagues.

A caring environment - Amadeus fosters a caring environment, nurturing both a fulfilling career and personal and family life. We care about our employees and strive to provide a supportive work environment.

A complete rewards offer - Amadeus provides attractive remuneration packages, covering all essential components of a competitive reward offer, including salary, bonus, equity, and benefits.

A flexible working model - We want our employees to do their best work, wherever and however it works best for them.

A diverse and inclusive community - We are committed to leveraging our uniquely diverse population to drive innovation, creativity, and collaboration across our organization.

A Reliable Company - Trust and reliability are fundamental values that drive our actions and shape long-lasting relationships with our customers, partners, and employees.

Diversity & Inclusion

Amadeus aspires to be a leader in Diversity, Equity and Inclusion in the tech industry, enabling every employee to reach their full potential by fostering a culture of belonging and fair treatment, attracting the best talent from all backgrounds, and as a role model for an inclusive employee experience.

Amadeus is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to gender, race, ethnicity, sexual orientation, age, beliefs, disability or any other characteristics protected by law.