As part of the Security by Design & Architecture team of the Group’s Information Security Division, you will play a key role in strengthening the Group’s security posture by embedding Security by Design principles across technology and business initiatives.

Your role involves active engagement in project design and delivery phases, ensuring that security requirements are effectively integrated into systems, applications, and infrastructure. You will also contribute to the continuous improvement of security controls across the environment, in a role that offers broad exposure to diverse technology and business initiatives.

Your responsibilities include:

• Participating in project design and delivery phases, ensuring that security requirements are identified, documented, and effectively integrated into technical and functional specifications

• Contributing to the secure design of systems, applications, and infrastructure across initiatives

• Collaborating with IT and business teams to embed security controls into solutions, providing practical guidance and constructive challenge, and supporting architecture and design reviews by translating security standards into actionable and implementable requirements

• Promoting secure development and engineering practices through involvement in application security assessments and platform changes, ensuring that security considerations are addressed early and consistently throughout the project lifecycle

• Contributing to the design, implementation, and improvement of network and endpoint security controls, including segmentation, secure remote access, intrusion detection/prevention, WAF configurations, and endpoint protection

• Participating in the definition and refinement of information protection and access control measures, including DLP and privileged access management, supporting the enforcement of least privilege and secure access practices

• Contributing to secure configuration standards, asset lifecycle security, and endpoint hardening practices, while supporting alignment with security policies, standards, and best practices across the organization

Qualifications:

• Bachelor’s Degree in Computer Science, Telecommunications, Engineering, or a related field

• 3–5 years of experience in cybersecurity, security engineering, or related technical roles, with exposure to project environments and system design or implementation activities

• Solid understanding of Security by Design principles and secure system design practices

• Experience working with cross-functional teams across technology and business functions

• Familiarity with security technologies such as firewalls, IDS/IPS, DLP, PAM, endpoint protection, or cloud security controls

• Ability to translate security requirements into practical and implementable solutions

• Strong analytical thinking, problem-solving, and communication skills

• Good command of the English language

Qualifications considered an asset:

• MSc in Information Security/ Cyber Security

• Relevant certifications such as Security+, CySA+, AZ-500, CEH, or equivalent

We offer:

• Career and development prospects in one of the most successful commercial groups in the Balkans

• Extensive continuous training

• Competitive remuneration & benefits package