Krealo
Lima, Peru
Why do we hire a Security Architect Leader?
Krealo is looking for an experienced Security Architect with in-depth, hands-on knowledge of Information Security architecture policies, standards and guidelines to ensure that systems are designed and built in a manner that minimizes security risk while ensuring business needs are met. The Information Security Architect must be familiar with the current threat environment, how these threats can exploit known vulnerabilities and be able to provide mitigation strategies in the design and development of systems to ensure security risk (Confidentiality / Integrity / Availability) is minimized. To be successful in this role, you will need a solid foundation in a full range of web and mobile technologies, experience designing and describing complex software systems, and a drive to tackle new challenges head-on. This is your chance to work with a team of experienced and talented individuals, participate in a fun and engaging workplace culture, and have your work used by millions.
Your work will be...
You will guide the CTO of Krealo in selecting the Security technologies.
You will to make intuitive high level decisions for cloud decisions. You will see the “big picture” and create architectural approaches for software design and implementation to guide the Security team.
You will develop internal capabilities at Krealo to build and nurture digital services, with a special focus on rapid prototyping and implementation of early stage products.
You will design tech standards across Credicorp companies, and create a robust community of Internet-era tech leaders across the Krealo portfolio.
You will explore the latest trends and tools related to emerging technologies and practices to be applied within Krealo ecosystem.
You will fit well if...
You are passionate about technology
You learn quickly and easily adapt to changing situations and priorities
You are extremely comfortable with ambiguity and in fast-changing environments
You believe in building phenomenal products and doing great work by international standards
You are a great communicator, fluent in both Spanish and English.
You are open to join our globally distributed team and help us develop beautiful, personalized solution with best experiences for our users.
You are driven and enjoy shipping new features
You are hungry and enjoy being constantly challenged to learn and do more
You embrace conflict of ideas and like to question the status quo
You want to understand the big picture, to be held accountable and make a meaningful contribution with your work
For this position we seek the following experiences...
You have a Bachelor's degree in Computer Science, Computer Engineering, or Electrical Engineering
You have 7+ years of experience in technical leadership and architecture roles.
You have experience with testing best practices and methodologies, particularly for testing Javascript
You have full-stack Engineering vision: ability to leverage breadth of experience and knowledge to architect and design solutions
You have vast experience working within iterative development practices and methodologies, such as Agile, Scrum, Kanban, etc.
You are aware of the issues that emerge from scaling software applications, such as security, efficiency, and reliability.
You have experience building enterprise security strategy for cloud adoption or driving the program's evolution to meet new requirements
You have experience leading the certification or accreditation of cloud workload(s) to meet industry standards such as PCI DSS, ISO 27001, HIPAA, and NIST/DoD frameworks.
You have background in definition and design of secure hardware systems
You have experience in threat modeling and weaknesses analysis
You have working knowledge of applied cryptography
You have knowledge of microprocessor architecture and SoC architecture
You have exposure to OS security
You have good knowledge of Verilog/VHDL
You have experience in C/C++ and interpretive language such as Perl/Python
You have significant experience building security reference architecture for all-in cloud deployments and hybrid scenarios
You have deep understanding of enterprise risk management methods and techniques to drive successful outcomes in a multinational environment
You have experience with enterprise security solutions such as WAF, IPS, Anti-DDOS, and SIEM.
You have familiarity with archive, backup/recovery and business continuity processes in distributed operations
You have knowledge of Networking, Virtualization, Storage and Cloud Technologies including but not limited to secure implementation of: local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), wireless networks (Wi-Fi), switches, routers, firewalls, wireless access points and related security and network devices; Hypervisors, VMs and VDIs; Storage Area Networks (SAN), Network Attached Storage (NAS), CIFS, SMB and relevant security and replication technologies.
You have excellent understanding of cloud security and experience with design and/or implementation of applications in the cloud; Understanding of cloud deployment models: Private Cloud, Public Cloud, Hybrid Cloud; Cloud service models: Infrastructure as a service (IaaS), Platform as a service (PaaS) and Software as a service (SaaS); implementation of relevant controls to ensure Confidentiality, Integrity and Availability of Bank data.
You have extensive knowledge of technical security controls and technologies (e.g. IDS, IPS, traditional, NextGen and Web Application Firewalls; Data Loss Prevention; Antivirus, Anti-malware and Zero Day technologies; Security Information and Event Management (SIEM); Access and Identity Management and Privileged User Management; Public Key Infrastructure and Certificate management).
Working with us is...
Being challenged and reinventing yourself every day in the pursuit of knowledge
Joining a mission-driven organization. Krealo is intently focused on a single ambitious goal: To create the next generation of modern financial services.
Working on a fun atmosphere created exclusively to challenge yourself and think outside the box
Joining a flat organization, sharing your knowledge and learning from the best team, combining global and multidisciplinary experiences.
We are...
Krealo is the digital disruption team of the Credicorp, and our goal is to revolutionize everyday finance with groundbreaking and customer-focused solutions. We mainstream financial innovation and help people rethink the way they do finance. We are bringing together a committed team to shape end-user experience through open innovation and technology.
Part of...
Credicorp (NYSE: BAP) is the leading financial services holding company in Peru. It primarily operates via its six principal subsidiaries: Banco de Crédito del Perú (BCP), BCP Bolivia, Atlantic Security Bank (ASB), Prima AFP, El Pacífico-Peruano Suiza Compañía de Seguros y Reaseguros (Grupo Pacífico) y Credicorp Capital. Is engaged principally in commercial banking, insurance, investment banking and pension fund business.
Why do we hire a Security Architect Leader?
Krealo is looking for an experienced Security Architect with in-depth, hands-on knowledge of Information Security architecture policies, standards and guidelines to ensure that systems are designed and built in a manner that minimizes security risk while ensuring business needs are met. The Information Security Architect must be familiar with the current threat environment, how these threats can exploit known vulnerabilities and be able to provide mitigation strategies in the design and development of systems to ensure security risk (Confidentiality / Integrity / Availability) is minimized. To be successful in this role, you will need a solid foundation in a full range of web and mobile technologies, experience designing and describing complex software systems, and a drive to tackle new challenges head-on. This is your chance to work with a team of experienced and talented individuals, participate in a fun and engaging workplace culture, and have your work used by millions.
Your work will be...
You will guide the CTO of Krealo in selecting the Security technologies.
You will to make intuitive high level decisions for cloud decisions. You will see the “big picture” and create architectural approaches for software design and implementation to guide the Security team.
You will develop internal capabilities at Krealo to build and nurture digital services, with a special focus on rapid prototyping and implementation of early stage products.
You will design tech standards across Credicorp companies, and create a robust community of Internet-era tech leaders across the Krealo portfolio.
You will explore the latest trends and tools related to emerging technologies and practices to be applied within Krealo ecosystem.
You will fit well if...
You are passionate about technology
You learn quickly and easily adapt to changing situations and priorities
You are extremely comfortable with ambiguity and in fast-changing environments
You believe in building phenomenal products and doing great work by international standards
You are a great communicator, fluent in both Spanish and English.
You are open to join our globally distributed team and help us develop beautiful, personalized solution with best experiences for our users.
You are driven and enjoy shipping new features
You are hungry and enjoy being constantly challenged to learn and do more
You embrace conflict of ideas and like to question the status quo
You want to understand the big picture, to be held accountable and make a meaningful contribution with your work
For this position we seek the following experiences...
You have a Bachelor's degree in Computer Science, Computer Engineering, or Electrical Engineering
You have 7+ years of experience in technical leadership and architecture roles.
You have experience with testing best practices and methodologies, particularly for testing Javascript
You have full-stack Engineering vision: ability to leverage breadth of experience and knowledge to architect and design solutions
You have vast experience working within iterative development practices and methodologies, such as Agile, Scrum, Kanban, etc.
You are aware of the issues that emerge from scaling software applications, such as security, efficiency, and reliability.
You have experience building enterprise security strategy for cloud adoption or driving the program's evolution to meet new requirements
You have experience leading the certification or accreditation of cloud workload(s) to meet industry standards such as PCI DSS, ISO 27001, HIPAA, and NIST/DoD frameworks.
You have background in definition and design of secure hardware systems
You have experience in threat modeling and weaknesses analysis
You have working knowledge of applied cryptography
You have knowledge of microprocessor architecture and SoC architecture
You have exposure to OS security
You have good knowledge of Verilog/VHDL
You have experience in C/C++ and interpretive language such as Perl/Python
You have significant experience building security reference architecture for all-in cloud deployments and hybrid scenarios
You have deep understanding of enterprise risk management methods and techniques to drive successful outcomes in a multinational environment
You have experience with enterprise security solutions such as WAF, IPS, Anti-DDOS, and SIEM.
You have familiarity with archive, backup/recovery and business continuity processes in distributed operations
You have knowledge of Networking, Virtualization, Storage and Cloud Technologies including but not limited to secure implementation of: local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), wireless networks (Wi-Fi), switches, routers, firewalls, wireless access points and related security and network devices; Hypervisors, VMs and VDIs; Storage Area Networks (SAN), Network Attached Storage (NAS), CIFS, SMB and relevant security and replication technologies.
You have excellent understanding of cloud security and experience with design and/or implementation of applications in the cloud; Understanding of cloud deployment models: Private Cloud, Public Cloud, Hybrid Cloud; Cloud service models: Infrastructure as a service (IaaS), Platform as a service (PaaS) and Software as a service (SaaS); implementation of relevant controls to ensure Confidentiality, Integrity and Availability of Bank data.
You have extensive knowledge of technical security controls and technologies (e.g. IDS, IPS, traditional, NextGen and Web Application Firewalls; Data Loss Prevention; Antivirus, Anti-malware and Zero Day technologies; Security Information and Event Management (SIEM); Access and Identity Management and Privileged User Management; Public Key Infrastructure and Certificate management).
Working with us is...
Being challenged and reinventing yourself every day in the pursuit of knowledge
Joining a mission-driven organization. Krealo is intently focused on a single ambitious goal: To create the next generation of modern financial services.
Working on a fun atmosphere created exclusively to challenge yourself and think outside the box
Joining a flat organization, sharing your knowledge and learning from the best team, combining global and multidisciplinary experiences.
We are...
Krealo is the digital disruption team of the Credicorp, and our goal is to revolutionize everyday finance with groundbreaking and customer-focused solutions. We mainstream financial innovation and help people rethink the way they do finance. We are bringing together a committed team to shape end-user experience through open innovation and technology.
Part of...
Credicorp (NYSE: BAP) is the leading financial services holding company in Peru. It primarily operates via its six principal subsidiaries: Banco de Crédito del Perú (BCP), BCP Bolivia, Atlantic Security Bank (ASB), Prima AFP, El Pacífico-Peruano Suiza Compañía de Seguros y Reaseguros (Grupo Pacífico) y Credicorp Capital. Is engaged principally in commercial banking, insurance, investment banking and pension fund business.