Principal Specialist - Information Security

Job Title

Principal Specialist - Information Security

Purpose of the Role

Working in close collaboration with Amadeus security teams (GSOC, TISO, BISO), the successful candidate will be responsible for analyzing security challenges across the Self-Service software stack and designing solutions that align with Amadeus security standards. This role is critical in identifying gaps where current applications may not follow a defined security framework and proposing secure, scalable, and compliant architectures to address them.

As a member of the Engineering Security team, the candidate will work closely with development teams and software architects to translate problem statements into actionable security designs. The ultimate goal is to bridge the gap between current practices and Amadeus’ security standards, enabling secure software delivery across the Self-Service portfolio.

Main Responsibilities

• Analyze security challenges within the Self-Service application stack and design solutions that align with Amadeus security standards, ensuring proposed architectures are secure, scalable, and compliant. The role focuses on translating problem statements into actionable, standards-based security designs, in close collaboration with implementation teams.
• Provide expert guidance on security architecture, leveraging strong knowledge of security concepts, secure coding principles, and application development.

Contribute to the evolution of internal security governance, including architecture strategy, risk analysis processes, and cross-functional collaboration.

Lead the security epic within the SAFe Agile Release Train (if applicable), driving security integration across development cycles.

Collaborate with BISO and TISO teams to maintain the security risk register and define mitigation plans for identified risks.

Conduct and facilitate threat modeling exercises for applications in scope, in collaboration with TISO office security managers.

Provide second-level support to White Hat teams, offering expert guidance on security-related issues and promoting secure coding practices.

Promote security awareness within the engineering organization through training, communication, and active participation in awareness initiatives.

Stakeholders

Heads of departments (Occasionally)

Product Development Teams (Often)

Delivery and Support Teams (Very Often)

Sales Teams (Occasionally)

Client Project Managers (Occasionally)

Client Delivery Team (Occasionally)

Education

Tertiary qualification in Information Technology, Software Engineering or similar discipline

Relevant Work Experience

Desirable but not essential :

Business Understanding

Working on access management systems for a large suite of systems and applications.

Skills

Computing : Proficiency in AWS and cloud-based infrastructure security.

Strong foundation in IT Security principles, including identity and access management, secure architecture, and compliance.

Experience with Identity Management systems, including SSO, MFA, and PAM.

Languages : No specific programming language is required, though familiarity with languages such as C#, Python, or others commonly used in-house is beneficial.

Other : Communication & Collaboration

Personal Attributes

Competencies

Diversity & Inclusion

Amadeus aspires to be a leader in Diversity, Equity and Inclusion in the tech industry, enabling every employee to reach their full potentialby fostering a culture of belonging and fair treatment, attracting the best talent from all backgrounds, and as a role model for an inclusive employee experience.

Amadeus is an equal opportunity employer. All qualified applicants will receiveconsideration for employment without regard to gender, race, ethnicity, sexual orientation, age, beliefs, disability or any other characteristics protected by law.