Description

We are looking for a top-level cybersecurity expert for automated systems and business processes to join our corporate products cybersecurity team.

Responsibilities

You will be responsible for:

operational management of an expert team
interaction with IT support teams, business analysts, developers, product owners, representatives of regulatory bodies, providing consultations on cybersecurity issues
preparation of cybersecurity requirements (both conceptual and detailed) for new automated systems, technologies, processes, products
analysis of conceptual architectures of projects for the development and modification of automated systems
expert review of changes implemented in the bank's business processes, products, and services for cybersecurity threats, selection of adequate and optimal protection measures
participation in acceptance tests of banking systems and products, planning and organization of audits
preparation of recommendations and proposals for making changes to the bank's processes and regulatory documents
participation in goal setting, ensuring the achievement of target results.

For high-quality performance of duties, it is necessary:

to form a firm position on cybersecurity issues regarding identified threats
to assess the risks of changes implemented in the bank's business processes, products, and services
to model cybersecurity threats
to write informational reports on software vulnerabilities and business process deficiencies identified during work
to possess skills in project and operational management.

Requirements

What is important to us:

higher technical education in the field of information security or information technology
deep knowledge of security standards and legislation: STO BR IBBS, PCI DSS, Federal Law No. 395, Federal Law No. 63, Federal Law No. 152, Federal Law No. 259, etc.
understanding of Agile principles, software lifecycle specifics, DevOps/DevSecOps practices, production process tools
understanding of network architecture, automated system architecture design patterns, LLM operation specifics, and AI agent development
confident command of practices and principles of secure application design (security by design, least privilege, zero trust, etc.)
knowledge and deep understanding of application protocols and integration mechanisms, specifics of virtualization and orchestration with Docker and Kubernetes
understanding of web application and AI agent vulnerabilities, knowledge of their mitigation mechanisms
deep understanding of PKI concepts and architectures, specifics of different types of digital signatures, nuances of applying information security tools and cryptographic information security tools for protecting personal data and payment card data and payment applications
knowledge of authentication, authorization protocols, principles of message validation and request sanitization
understanding of blockchain network operation mechanisms.

An additional advantage is:

work experience as a manager in a system integrator, federal regulatory body, cybersecurity department of a financial organization
understanding of the roles and functions of participants in the global financial market, banking industry, specifics of remote banking services and foreign economic activity
understanding of financial instrument specifics, accounting procedures
experience in designing and maintaining cybersecurity systems, integrating information security tools into existing automated systems
experience in implementing innovative digital products of federal scale
proficiency in security assessment and penetration testing tools
experience in using GigaChat, Kandinsky, and similar tools in products, skills in creating and using AI agents and multi-agent systems.

Conditions

We offer:

comfortable modern office
office-based work format
annual salary review, annual bonus
corporate gym and relaxation areas
more than 400 educational programs from SberUniversity for professional and career development
adaptation program and manager's assistance at the start
extended voluntary health insurance, preferential insurance for family and corporate pension program
flexible discount on mortgage loans, equal to 1/3 of the Central Bank's key rate
free subscription to SberPrime+, discounts on products of partner companies
referral bonus for recommending friends to join the Sber team.

Description

We are looking for a top-level cybersecurity expert for automated systems and business processes to join our corporate products cybersecurity team.

Responsibilities

You will be responsible for:

operational management of an expert team
interaction with IT support teams, business analysts, developers, product owners, representatives of regulatory bodies, providing consultations on cybersecurity issues
preparation of cybersecurity requirements (both conceptual and detailed) for new automated systems, technologies, processes, products
analysis of conceptual architectures of projects for the development and modification of automated systems
expert review of changes implemented in the bank's business processes, products, and services for cybersecurity threats, selection of adequate and optimal protection measures
participation in acceptance tests of banking systems and products, planning and organization of audits
preparation of recommendations and proposals for making changes to the bank's processes and regulatory documents
participation in goal setting, ensuring the achievement of target results.

For high-quality performance of duties, it is necessary:

to form a firm position on cybersecurity issues regarding identified threats
to assess the risks of changes implemented in the bank's business processes, products, and services
to model cybersecurity threats
to write informational reports on software vulnerabilities and business process deficiencies identified during work
to possess skills in project and operational management.

Requirements

What is important to us:

higher technical education in the field of information security or information technology
deep knowledge of security standards and legislation: STO BR IBBS, PCI DSS, Federal Law No. 395, Federal Law No. 63, Federal Law No. 152, Federal Law No. 259, etc.
understanding of Agile principles, software lifecycle specifics, DevOps/DevSecOps practices, production process tools
understanding of network architecture, automated system architecture design patterns, LLM operation specifics, and AI agent development
confident command of practices and principles of secure application design (security by design, least privilege, zero trust, etc.)
knowledge and deep understanding of application protocols and integration mechanisms, specifics of virtualization and orchestration with Docker and Kubernetes
understanding of web application and AI agent vulnerabilities, knowledge of their mitigation mechanisms
deep understanding of PKI concepts and architectures, specifics of different types of digital signatures, nuances of applying information security tools and cryptographic information security tools for protecting personal data and payment card data and payment applications
knowledge of authentication, authorization protocols, principles of message validation and request sanitization
understanding of blockchain network operation mechanisms.

An additional advantage is:

work experience as a manager in a system integrator, federal regulatory body, cybersecurity department of a financial organization
understanding of the roles and functions of participants in the global financial market, banking industry, specifics of remote banking services and foreign economic activity
understanding of financial instrument specifics, accounting procedures
experience in designing and maintaining cybersecurity systems, integrating information security tools into existing automated systems
experience in implementing innovative digital products of federal scale
proficiency in security assessment and penetration testing tools
experience in using GigaChat, Kandinsky, and similar tools in products, skills in creating and using AI agents and multi-agent systems.

Conditions

We offer:

comfortable modern office
office-based work format
annual salary review, annual bonus
corporate gym and relaxation areas
more than 400 educational programs from SberUniversity for professional and career development
adaptation program and manager's assistance at the start
extended voluntary health insurance, preferential insurance for family and corporate pension program
flexible discount on mortgage loans, equal to 1/3 of the Central Bank's key rate
free subscription to SberPrime+, discounts on products of partner companies
referral bonus for recommending friends to join the Sber team.

Key Skills

Contacts

Details

Description

Responsibilities

You will be responsible for:

Requirements

What is important to us:

Conditions

We offer:

Similar vacancies

Lead Cybersecurity Expert

Executive Director (Cybersecurity)

Эксперт по кибербезопасности

Department Head (Red Team, MARS)

Senior Cybersecurity Engineer

Chief Information Security Officer (CISO)

Head of Information Security Department

Head of AI Platform Infrastructure Protection

Senior Cybersecurity Engineer

Red Team Senior Expert

IT Lead for Cybersecurity Services

Head of Anti-Fraud Direction

Key Skills

Contacts

Details

Description

Responsibilities

You will be responsible for:

Requirements

What is important to us:

Conditions

We offer:

Similar vacancies

Lead Cybersecurity Expert

Executive Director (Cybersecurity)

Эксперт по кибербезопасности

Department Head (Red Team, MARS)

Senior Cybersecurity Engineer

Chief Information Security Officer (CISO)

Head of Information Security Department

Head of AI Platform Infrastructure Protection

Senior Cybersecurity Engineer

Red Team Senior Expert

IT Lead for Cybersecurity Services

Head of Anti-Fraud Direction