Job Title
Principal Specialist - Information Security
Purpose of the Role
Working in close collaboration with Amadeus security teams (GSOC, TISO, BISO), the successful candidate will be responsible for analyzing security challenges across the Self-Service software stack and designing solutions that align with Amadeus security standards. This role is critical in identifying gaps where current applications may not follow a defined security framework and proposing secure, scalable, and compliant architectures to address them.
As a member of the Engineering Security team, the candidate will work closely with development teams and software architects to translate problem statements into actionable security designs. The ultimate goal is to bridge the gap between current practices and Amadeus’ security standards, enabling secure software delivery across the Self-Service portfolio.
Main Responsibilities
- Analyze security challenges within the Self-Service application stack and design solutions that align with Amadeus security standards, ensuring proposed architectures are secure, scalable, and compliant. The role focuses on translating problem statements into actionable, standards-based security designs, in close collaboration with implementation teams.
- Provide expert guidance on security architecture, leveraging strong knowledge of security concepts, secure coding principles, and application development.
Contribute to the evolution of internal security governance, including architecture strategy, risk analysis processes, and cross-functional collaboration.
Represent the Security Office within the R&D organization, acting as the primary liaison for all security-related initiatives in the Self-Service domain.Lead the security epic within the SAFe Agile Release Train (if applicable), driving security integration across development cycles.
Advise on cloud security controls, both at the application and operational levels, ensuring secure deployment and operations in cloud environments.Collaborate with BISO and TISO teams to maintain the security risk register and define mitigation plans for identified risks.
Own and manage reporting and governance tasks related to the Secure Development Lifecycle (SDL) and compliance programs, ensuring alignment with Amadeus standards.Conduct and facilitate threat modeling exercises for applications in scope, in collaboration with TISO office security managers.
Provide second-level support to White Hat teams, offering expert guidance on security-related issues and promoting secure coding practices.
Promote security awareness within the engineering organization through training, communication, and active participation in awareness initiatives.
Stakeholders
Heads of departments (Occasionally)
Product Development Teams (Often)
Delivery and Support Teams (Very Often)
Sales Teams (Occasionally)
Client Project Managers (Occasionally)
Client Delivery Team (Occasionally)
Education
Tertiary qualification in Information Technology, Software Engineering or similar discipline
Relevant Work Experience
Proven experience in implementing Single Sign-On (SSO) solutions across both new and legacy systems.Hands-on experience with Multi-Factor Authentication (MFA) integration in diverse application environments.Experience deploying and managing Privileged Access Management (PAM) systems.Strong background in IT security design and assessment, including architecture reviews and risk evaluations.Experience working with cloud platforms (e.g., AWS, Azure, GCP) and on-premises data centers, ensuring secure infrastructure and operations.Familiarity with Windows and Linux environments, including system hardening and secure configuration practices.Desirable but not essential :
Experience working with Amadeus systems or platforms.Exposure to aviation industry systems, particularly in the area of passenger processing.Business Understanding
Working on access management systems for a large suite of systems and applications.
Skills
Computing : Proficiency in AWS and cloud-based infrastructure security.
Strong foundation in IT Security principles, including identity and access management, secure architecture, and compliance.
Experience with Identity Management systems, including SSO, MFA, and PAM.
Languages : No specific programming language is required, though familiarity with languages such as C#, Python, or others commonly used in-house is beneficial.
Other : Communication & Collaboration
Excellent verbal, written, and presentation skills, with the ability to articulate complex security concepts in both technical and business terms.Strong interpersonal skills, with the ability to influence, motivate, and gain buy-in from diverse stakeholders.Proven ability to collaborate across multiple teams in a matrixed or cross-functional environment.Personal Attributes
A self-starter with a proactive, “can-do” attitude and a strong client focus.Demonstrates a high level of ownership and accountability for deliverables and outcomes.Meticulous work ethic, with strong attention to detail and a commitment to quality.Competencies
Learn in detail the technical capabilities of our line of products and produce a solution that meets the customer requirements. Prepare documentation that clearly describes the components of the solution and how it integrates into the clients infrastructure and processes.Be able to gather and interpret client's non-functional requirements and business volumes to determine the sizing of the components of the solution. This includes network bandwidth, latency, reliability, server size and number.Be able to understand and apply Amadeus security policies, standards, and architectural blueprints when designing solutions. Be able to incorporate these requirements into secure architectures and demonstrate how they are met. Be able to align proposed solutions with industry best practices, such as the AWS Well-Architected Framework and Azure Well-Architected Framework, while maintaining awareness of current security and privacy standards and technologies.Be able to understand the organisations existing enterprise architecture and work within it. Where necessary be able to expand and refine the enterprise architecture then document and communicate this to the organisation.Understanding of the bid and proposal process. Able to assist sales team to deliver strong proposals with good margins, low technical risk, strong business value and that highlight our product strengths. Understand how to build long term customer relationships.The solution architect should always be observing how we can improve our products through the design, delivery and support phases of each project. Be able to design and propose product improvements.A solution architect working in the airport / airline space needs to be able to understand and design at a mid to high level networking that spans multiple organisations.Ideally the solution architect will have as much experience in the airline / airport field as possible or in related fields.Be able to design both back end and front end applications. Produce documentation for use by implementors and end users.Be able to design high level web applications and choose the appropriate frameworks / libraries for their implementationBe able to use and design API's for internal and external use. In particular be able to design around ReSTFul and Microservices principles to ensure these are easily consumed and maintainable.Produce high quality documentation and diagrams that are clear and concise. Able to present well and handle customer questions.Diversity & Inclusion
Amadeus aspires to be a leader in Diversity, Equity and Inclusion in the tech industry, enabling every employee to reach their full potentialby fostering a culture of belonging and fair treatment, attracting the best talent from all backgrounds, and as a role model for an inclusive employee experience.
Amadeus is an equal opportunity employer. All qualified applicants will receiveconsideration for employment without regard to gender, race, ethnicity, sexual orientation, age, beliefs, disability or any other characteristics protected by law.