Кариери

General duties

• Review, assess, and approve the architecture of new IT systems, applications, platforms, and technology solutions to be developed or implemented within the Bank;
• Participate in the security assessment of internally developed solutions, as well as solutions provided by external vendors and third parties;
• Analyse architecture designs, technology dependencies, integrations, data flows, authentication mechanisms, access management, and security controls;
• Define and communicate information security requirements for new projects, systems, initiatives, and architectural changes;
• Participate in the early design stages of new solutions in order to identify and mitigate architectural and technology risks;
• Assess whether new architectures and solutions comply with internal policies, standards, and security best practices;
• Support architectural decision-making related to segmentation, data protection, cryptography, identity and access management, logging, monitoring, resilience, and secure-by-design principles;
• Participate in security reviews of projects, changes, new technologies, cloud initiatives, integrations, and outsourcing solutions;
• Identify risks, weaknesses, and gaps in architectural solutions and propose practical mitigation measures;
• Work closely with Architecture, Development, Infrastructure, Network, Cloud, Risk, Procurement, and Information Security teams;
• Prepare expert opinions, architectural assessments, security requirements, risk assessments, and documentation related to projects and initiatives;
• Participate in the development of internal standards, principles, and methodologies for secure architecture and strategic security development;
• Monitor trends, best practices, and emerging technologies in the field of security architecture and support the Bank’s strategic development in this area. 

Requirements

Main Requirements:

• University degree in Information Technology, Cybersecurity, Computer Science, Telecommunications, Software Engineering, or another relevant field;
• Minimum 3 years of professional experience in security architecture, IT architecture, infrastructure security, solution design, technology risk, or a similar role;
• Hands-on experience in assessing, designing, or approving IT system architectures and technology solutions;
• Good understanding of architectural dependencies between applications, infrastructure, networks, data, identities, and external integrations;
• Experience in identifying and assessing risks related to new technologies, new architectures, and technology changes;
• Good understanding of secure-by-design, defense-in-depth, least privilege, segmentation, and resilience principles;
• Ability to analyse complex technology solutions and translate risks into clear requirements and recommendations;
• Very good analytical, communication, and organisational skills;
• Ability to work with multiple stakeholders and parallel initiatives;
• Very good command of English, both written and spoken.

Required Technical Knowledge:

The candidate should have practical and conceptual technical knowledge enabling them to assess the security of complex architectural solutions, including:

• Good knowledge of network architecture, segmentation, and network security;
• Good knowledge of Windows, Linux, server environments, virtualization, and infrastructure services;
• Good understanding of identities, authentication, authorization, privilege management, and federation models;
• Good understanding of cryptography, data protection, key management, and secure communications;
• Understanding of API security, application integrations, middleware, and data flows;
• Knowledge of cloud architectures, hybrid environments, and cloud security will be considered a strong advantage;
• Good understanding of logging, monitoring, traceability, incident response dependencies, and operational resilience;
• Ability to assess how technical controls fit into the organisation’s overall architecture.

Practical Experience That Will Be Highly Valued:

• Security architecture review of new systems, applications, and infrastructure solutions;
• Participation in architecture boards, design reviews, or approval processes;
• Assessment of solutions delivered by external vendors, SaaS platforms, cloud services, and third-party integrations;
• Experience in defining security requirements for new projects and technology initiatives;
• Threat modeling and architectural risk assessment;
• Assessment of secure design for APIs, web applications, cloud solutions, data platforms, and identity services;
• Participation in digital transformation, cloud adoption, architecture modernization, or large-scale technology projects;
• Work in complex enterprise environments with multiple dependencies, systems, and integrations;
• Participation in projects related to technology standardization and strategic security development.

Knowledge of Standards and Best Practices:

For this role, strong knowledge of the following will be considered an advantage:

• ISO 27001 and related best practices;
• NIST Cybersecurity Framework;
• Zero Trust principles;
• Architecture and security design best practices;
• Applicable regulatory requirements for banks and financial institutions;
• Principles of secure architecture, secure-by-design, and risk-based security governance;
• Best practices for assessing third-party technology risk.

The Following Will Be Considered an Advantage:

• Experience in a bank or another highly regulated environment;
• Experience as a Security Architect, Solution Architect, Infrastructure Architect, or in a similar role;
• Experience in assessing and approving architectures of solutions developed by external vendors;
• Experience with cloud security, hybrid environments, and modern enterprise architecture;
• Experience in managing architectural risks and technology dependencies;
• Experience in working with technical, business, and control functions;
• Professional certifications in security architecture, cloud security, enterprise architecture, or information security;
• Experience in a large corporate or international environment.

Personal Profile:

• Strong analytical and architectural thinking;
• Ability to see the bigger picture and the dependencies between different technologies and processes;
• High level of professional responsibility, precision, and consistency;
• Ability to take well-grounded expert positions and defend them before different stakeholders;
• Proactive mindset, focus on sustainable solutions, and strategic thinking;
• Good communication skills and ability to work effectively with architects, developers, infrastructure teams, risk, and management;
• Ability to work confidently in an environment with high expectations, regulatory sensitivity, and significant technological scale. 

DSK Bank offers

• Excellent opportunities for professional and career development in one of Bulgaria’s leading banks
• Food vouchers in the amount of up to 102.26 EUR per month
• 20+5 paid holiday leave
• Additional Health Insurance
• Annual bonus scheme depending on the achieved results
• Favorable conditions for housing and mortgage lending, as well as for bank products and services
• Preferential conditions for Multisport / CoolFit card
• Discounts in various companies
• Professional trainings for specific knowledge and skills
• Refer a Friend Bonus
• Opportunity to work in one of the leading financial institutions in Bulgaria;
• A key expert role with real impact on the security of new technologies and architectures across the organisation;
• Participation in significant projects related to the development, modernization, and implementation of new IT solutions;
• Work at the intersection of architecture, security, risk, and technology strategy;
• Opportunity for professional growth in an environment with high standards, complex systems, and real challenges.

If this position sounds like the right fit for you, we’d love to receive your application. All applications will be treated with strict confidentiality. Only shortlisted candidates will be contacted.

Documents for application

CV