Digital Workplace Security Architect
Share
Job Location:
Monthly Salary:
Posted on:
08-11-2025
Vacancies:
1 Vacancy
Job Summary
What we do
Aion Bank is a fully regulated European bank and credit institution combining Vodenos cutting-edge private blockchain-based platform with its ECB banking license strong balance sheet and deep regulatory expertise. Our mission is to provide a comprehensive suite of embedded banking solutions enabling businesses to seamlessly integrate financial services into their offerings.
As part of the UniCredit Group Aion Bank and Vodeno will accelerate their digital banking offer in strategic markets and will act as a sandbox for innovation for the wider UniCredit Group. Aion Bank and Vodenos existing Banking-as-a-Service (BaaS) offering across key European markets includingGermanyandPoland will see the bank embed its services - ranging from account access and deposits to lending payments and loyalty programs - directly into non-banking digital platforms facilitating seamless customer experiences.
At Aion Bank ourbiggest strength is our peoplea team of highly intelligent creative and ambitious professionals who thrive in a fast-paced innovative environment. We believe in delivering results while fostering a culture of passion and collaboration.
We are currently looking for a Digital Workplace Security Architectready to join our adventure share our ambition and help shape the future of digital banking.What you will be doing
Your role will be focused on expert-level design governance and hands-on implementation of security controls.
Security Architecture & Hardening:Enhance implement and manage a robust security architecture for Google Workspace (Gmail Drive Chat Meet Chrome etc.).
Endpoint & MDM Governance:You willenhance and enforcesecurity baselines for all corporate endpoints includingMacbooksandmobile devices ensuring their compliance through our MDM solutions (e.g. Jamf). Implement and manage Context-Aware Access rules to enforce Zero Trust principles.
Data Protection & Control (DLP):You will be the owner of our workplace data protection strategy. You will configure new as well as existingDLP (Data Loss Prevention)rules acrossGmail Google Drive and Chrome. Your responsibility includesproactively identifying new paths of data breachesand designing controls to mitigate them.
Risk & Application Governance:You will be responsible for thetechnical governance of applicationsand browser extensions assessing their risk and defining usage policies. Verification of SSO coverage with our partners. You will act as the primary technical expert during internal audits and regulatory reviews related to the workplace environment.
Service Account & Automation Governance:You will establish and enforce security standards forservice accounts scripts and API usage. Youll be responsible for auditing their permissions and ensuring all automation aligns with least-privilege principles.
- Threat Detection & Incident Response: Utilise the Google Workspace Alert Centre security dashboard and investigations tool to proactively detect and respond to security incidents.
Skills you should have
Core Experience: You have extensive (e.g. 5 years) experience in IT Security with a proven track record in securing workplace environments preferably within a regulated industry (like banking finance or insurance).
Technical Expertise:Deep demonstrable knowledge of Google Workspace security controls Chrome Enterprise Cloud Identity DLP Vault Context-Aware Access and Endpoint Management.
Security Knowledge:You possess a deep understanding ofZero TrustarchitectureIAM andContext-Aware Access. You are proficient in configuringDLPrules email security (SPF DKIM DMARC) and managing security baselines. Strong understanding ofIT governance frameworksand regulatory requirements is :Google Cloud Professional Cloud Security Engineercertification will be an additional asset.
Scripting: Proficiency in scripting (e.g. Python Google Apps Script or shell scripting) for automation.
- Fluency in Polish and English fluent.
What we offer
Unless limited by banking regulations we offer aflexible form of contract.
You will be provided anIndividual Development Budget dedicated to enhancing your professional skills.
If your role permits we also offerflexible work location: home/office according to your preference.
You and your closest family will be covered with VIP-level private medical care which includes dental treatment and ahospitalisation package.
We care for our colleagues well being therefore we coverpsychological consultations if you ever feel you need such support.
Aion bank account without fee.
We co-sponsor your Multisport card and cover50% of its cost.
You will work on computer equipment that delivers the best user experience Apple MacBook.
If you feel like working from the office we have beautiful space available for you in Brussels and Warsaw. Each office is very nicely located with convenient commute options by public transport and by bike. Our office in Warsaw offers healthy snacks throughout the day.
Our process
Step 1:Talk with one of our Recruiters about your to date experiences and ambitions
Step 2:Meet with your future Team Manager to deep dive on the role specifics and our work environment
Our note to you
Diverse teams really are the best teams. Research shows that some candidates may hesitate to apply for a job unless they meet every requirement. If you are excited about working with us we encourage you to apply - even if youre not 100% sure. We are interested in getting to know you and learning about what you bring to the table.
Please note that we may close a job posting early if we receive a large number of exceptional applications.
Good luck!
About us
Key Skills
- Civil
- Bidding
- GIS
- Capital Market
- Cement
- Agricultural
