ELEKS is looking for a Senior Security Specialist (Cybersecurity) to work on-site in Quito, Ecuador.
ABOUT PROJECT
The project focuses on building and evolving a large-scale public financial platform in Latin America, with high requirements for security, scalability, and reliability. The solution is developed in close collaboration with international partners and is funded by a global financial organization. The technical implementation is based on the Microsoft ecosystem, with a strong emphasis on enterprise-grade cybersecurity and long-term support.
REQUIREMENTS
Mandatory certification: CISSP or SC-100Senior-level experience in Microsoft enterprise cybersecurityStrong hands-on experience with C# / .NET (ASP.NET Core) in enterprise environmentsDeep understanding of Microsoft security architecture, including:Encryption and data protection (at rest and in transit)Secure communications and Zero Trust principlesIdentity and access management in Microsoft ecosystemsExperience with DevSecOps and integrating security into CI/CD pipelinesPractical knowledge of Azure-native services and security toolingStrong understanding of secure-by-design application architectureSpanish: B2+/C1 and English: C1Ability to work on-site in Quito, EcuadorStrong communication, documentation, and stakeholder interaction skillsAbility to work under strict compliance and regulatory requirements (IDB-funded projects)
RESPONSIBILITIES
Design and enforce secure-by-design architecture for enterprise-scale systems within a Microsoft ecosystemImplement and validate encryption and data protection mechanisms using Microsoft-supported technologiesSecure service-to-service, hybrid, and cloud communications following Zero Trust principlesIntegrate cybersecurity controls into application design, CI/CD pipelines, and operational environments (DevSecOps)Ensure compliance with IDB policies, MEF requirements, and project governance standardsSupport enterprise-grade scalability, security, and long-term maintainability of the New eSIGEF platformCollaborate with technical and delivery teams to embed security best practices across the solution lifecycle