VeriTran is a global company that speeds up and simplifies business application development through its Low-Code Platform.
Focused on driving digital transformation, the company integrates exponential technologies into legacy systems, improving deployment times and delivery costs without writing a single line of code.
VeriTran’s Low-Code Platform is used by more than 50 banks, reaching more than 20 million users who safely run more than 20 billion transactions annually.
We have a highly specialized and multidisciplinary work team that, with its knowledge, creativity and innovation, has turned the company into a benchmark in the sector.
We work to provide the best attention to the requirements of our customers quickly and effectively. With a focus on continuous innovation and a business-oriented vision, we manage agile changes at any time in the life cycle of a project to the needs of our customers.
We have the ability to provide consulting and support globally thanks to our Development and Implementation Center located in the city of Pereira in Colombia and offices in Barcelona, Bogotá, Buenos Aires, Lima, México City, Miami, New York, Sao Paulo and Santiago de Chile, ensuring compliance of the highest quality standards and capitalizing on the experience acquired in projects already implemented.
At VeriTran, we are committed to continually improving both our innovation and delivery capabilities, as well as the quality of our products and services. We recognize that we have come a long way thanks to the commitments we have made at a technical level, and we want to surround ourselves with people who empower us to go even further.
We work hard to germinate a culture of excellence and technical agility of ours and to ensure the highest quality in products and services. For this, we know that it is important to focus on the automation of processes, generation of metrics, monitoring, preventive actions and continuous training. That's why we are looking for people who are enthusiastic about working this way and wanting to give the extra mile. We value attitude, autonomy and ability to learn and improvement above all else. Also, the passion for teamwork, innovation and interest in business.
What are we looking for?
This position will be responsible for leading our Information Security efforts across VeriTran.
As an experienced Head of Security, you are responsible for assembling a team of Information Security professionals that, alongside you, will be responsible of the security of VeriTran’s products and infrastructure. You will be leading the application security, compliance, cyber security and operational resilience teams.
Because of the nature of VeriTran’s product, nearly every component we develop needs to interact with sensitive financial and personal data, making the Information Security team an extremely dynamic environment to join.
Do you thrive on finding security risks? Do you find yourself wondering how attackers could exploit a complex architecture or infrastructure? Do you find new technologies exciting and the puzzle of their security strengths and weaknesses irresistible to solve? Come join us!
What will you do?
- Partner with Management, Business, Cloud, IT, Product, and Client Delivery teams, among others, to set the course for information security practices for years to come.
- Build and scale a strong team of Information Security professionals, operations personnel and more.
You are responsible for assembling a team of Information Security professionals that, alongside you, will:
- Work closely with Product teams on software design for both existing and new features, or for major changes.
- Work closely with cross functional teams to complete projects and major initiatives using judgment and growing experience. Collaborate with Cloud, IT, Product, and Client Delivery teams to understand the solution architecture and then fully articulate the security design of the platform.
- Drive threat modeling and security code walkthrough efforts.
- Develop, implement, and communicate vulnerability mitigation strategies to Product, Client Delivery and Infrastructure teams.
- Help define operational processes to ensure predictable software development outcomes; refine Information Security processes and procedures.
- Research the latest security best practices, trends, threats and vulnerabilities, and technology frameworks.
- Decide on software security products and technologies, as required.
- Define the roadmap of our ISMS based on the ISO 27000 series standards.
- Support suitable Information Security awareness, advice, training and educational activities.
- Advocate for security guidelines about common security issues, remediation guidance, and security baselines.
- Be a security Subject Matter Expert (SME) and respond to internal security questions and requests.
- Represent VeriTran in private or public venues.
Who are you?
- 3 or more years of provable experience as Head of Information Security Manager or similar positions.
- A degree in Computer Sciences, Computer Engineering or related fields.
- Background in software development industry.
- Ability to deep dive into data and analyze for security and fraud anomalies.
- Ability to determine risk based on context.
- Expertise securing infrastructure in public cloud (e.g. AWS, Azure, Google Cloud).
- Expertise attacking network protocols and analyzing network traffic.
- Expertise in mobile and web application security.
- Expertise in using SAST, DAST, SCA and fuzz testing tools.
- Expertise automating vulnerability discovery and repetitive tasks.
- Excellent communication and interpersonal skills.
- Be willing to go beyond the standard routine.
- Ability to thrive in a high-pressured environment and crisis situations.
- Ability to adjust quickly to the security needs of a highly agile organization.
- Ability to multi-task multiple projects at once and drive for results independently.
- Ability to correctly balance security risk and product advancement.
- Methodical and diligent with outstanding planning abilities.
We consider it a plus if you have experience with the following:
- Understanding of architecture, design and coding in multiple languages.
- Participate in security research and conferences.
- Related certifications, such as but not limited to: OSCP, OSCE, CISSP.
- Knowledge in related standards, such as but not limited to: ISO 27002, ISO 27017 and ISO 27018, PCI DSS, EU GDPR SOC 1, 2 & 3.
- Knowledge of the financial industry’s standards and regulations.
- Expertise building automation tools for security processes for both mobile and web applications.
- Being part of a company that grows exponentially year after year, generating many opportunities in a global and challenging context.
- An excellent work environment and a well-cared environment with everything you need to work in the most comfortable way.
- A flat organizational structure, with open communications and where we advocate freedom, responsibility, solidarity, and humility as our fundamental values.
We are growing and we want to incorporate the best talent, will you join us?