Information Security Consultant
Bring your talent and passion to Accenture – sharpen your skills, build an extraordinary career and play a key role in creating solutions that transform organizations and communities around the world!
Accenture is a leading global professional services company, providing a broad range of services and solutions in strategy, consulting, digital, technology and operations. Combining unmatched experience and specialized skills across more than 40 industries and all business functions – underpinned by the world’s largest delivery network – Accenture works at the intersection of business and technology to help clients improve their performance and create sustainable value for their stakeholders. With more than 449,000 people serving clients in more than 120 countries, Accenture drives innovation to improve the way the world works and lives.
With over 3000 skilled professionals in Romania, Accenture provides top-quality services from Bucharest, Timisoara, Cluj Napoca, Targu Mures, Iasi and Brasov, for companies operating in a broad range of industries such as: banking and insurance, telecommunications, automotive, FMCG, energy and resources.
We focus equally on employees’ development by creating a culture of excellence and offering extensive training programs that support professional growth.
Our Romania headquarter office is located in Bucharest, in Westgate Office Park, and we deliver services to our clients from the following offices: Brasov, Cluj, Tg. Mures, Timisoara, Iasi.
Find the latest news and information about our offices and get in touch with us on our Facebook Page - Accenture in Romania or on our website - accenture.ro/cariere.
- Successfully completed university studies in the field of computer science or engineering, preferably with a focus on IT security, cyber security or information security
- 3+ years of working experience in at least two of the following areas: Security Monitoring Implementation and Support, including Incident response (SIEM – ArcSight, Splunk, DLP etc.), Cyber Security (Enterprise Penetration Testing, Adversary Hunting, IoT/Embedded Security etc.), Infrastructure Security (IPS/IDS, NextGen Firewalls, VPN technologies, AntiSpam, Proxy,etc.), Identity and Access Management (Oracle Identity Management, Sailpoint IdentityIQ, Forgerock, Oracle Access Management, RSA etc.), Application Security (Data security & privacy, APIs Security, SSDLC, Threat modeling etc.)
- Sound knowledge and pronounced interest in IT security
- Experience in implementing security controls to improve system/platform overall security
- Current understanding of Industry trends and emerging threats
- Knowledge in security standards and regulations: NIST, ISO, PCI DSS, GDPR, PSD2
- Ability to work independently and pro-actively contribute in a global team environment
- Excellent interpersonal, organizational, documentation, and communication skills; able to concisely communicate security risks to both technical and business audiences
- Presentation skills with a high degree of comfort delivering presentations to both large and small audiences
- Understanding of applications, server, and network security and compliance requirements (including operational requirements needed to be GDPR compliant)
- Knowledge and experience with identifying and understanding the most common application security vulnerabilities (OWASP Top 10)
- Fluency in English
- Travel availability
Nice to have:
- Previous technical background in:
• Web application development/ architecture or related fields
• JAVA, .NET, PHP, Ruby, Perl, Python and/or C/C++ experience
- Industry certification from vendors: ISC2, ISACA, GIAC, EC-Council, CompTIA, ITIL, Comptia Security +
- Knowledge in Risk and Compliance Management, Operational Models, Business Continuity Plan, Disaster Recovery Plan
- Solid understanding of network services, vulnerabilities, and attacks
- Knowledge of SIEM tools / Log Analysis
- Experience in security assessment for enterprise products using different tools, manual penetration testing methods and code review
- Experience in risk assessments in connection with GDPR requirements, including data security, security breach notifications, privacy by design and fair processing
- Understanding of emerging IoT/Mobile technologies and communications protocols
- Experience developing IoT solutions by getting hands one experience with devices and code
- Hands-on experience with IT security in the cloud environment as an architect, in development and/or operation, especially AWS and Microsoft Azure
- Previous experience in adjacent areas such as, Security Operations Center, Network Operations Center, System Administrator, Platform/Tool Support Engineer, IT Helpdesk support
- Work with clients to review security requirements and assess the security posture to identify gaps or improvements
- Consulting on and conception of solution modules for the secure design of applications, products and solutions of Accenture clients worldwide
- Participates in designated projects, developments or business initiatives, advising on information security risks
- Play an active role in developing security technical architecture design which supports a robust technology solution, taking into account the client business priorities, technical requirements and client specific security requirements
- Translate business processes in technical requirements and implementation
- Research and development in the field of IT security, including the topics of secure architectures, web security, cloud computing security and IoT
- Supports the development and implementation of the Data Protection Policy (including GDPR)
- Perform design and implementation security reviews
- Design and implement technical solutions to harden our clients’ platform