Senior Security Analyst

Acest job nu mai este activ!

Vezi toate job-urile Vauban active.

Vezi toate job-urile Senior Security Analyst active pe

Vezi toate job-urile in IT Software active pe

Angajator: Vauban
  • IT Software
  • Tip job: full-time
    Nivel job: > 5 ani experienta
  • Actualizat la: 14.11.2018
    Scurta descriere a companiei

    Vauban is a great independent Romanian Group with more than 11 years of sustainable and healthy growth. We do focus on innovation, learning, entrepreneurship and capacity to find new solutions. The company figures are +450 consultants, +100 clients, having locations in Romania and France.
    Our teams daily deliver Technology Services as consultancy (missions at clients’ premises), and also from our delivery center (integration & application development in digital and BI, Software as a Service management, Production, security and infrastructure).
    Vauban is also the Romanian partner with Top premium software editors, leader in data governance and security, being responsible to integrate the solutions and to ensure local support.


    • Graduate studies completed with a Bachelor's degree;
    • Languages: English fluent, Romanian;
    • Communication and negotiation skills;
    • Analysis and synthesis capability;
    • Correlation capacity between events;
    • Distributive attention;
    • Results and customer oriented;
    • Team spirit;
    • Self-organizing capacity;
    • Punctuality in carrying out tasks;
    • Independent working capacity;
    • Initiative;
    • Required work experience (length of specialty required by post): minimum 3 years.


    Main Objectives
    • Implement Group Cyber Security objectives to control IT & Cyber Security risks;
    • Supports projects, initiatives, including Security Evaluation;
    • Ensures that Risk Acceptance Forms are current and participate in Risk Review;
    • Performs Security Assessments, confirming adequacy of Security Measures;
    • Confirms that adequate measures are in place via regular reviews;
    • Monitors existing environment for Threats. Performs ad-hoc reviews when needed;
    • Acts as escalation Point for Security Issues;
    • Creates Security procedures in such a way that all repeatable tasks are documented and appropriate
    • tasks are handed to the Security Analyst.

    • Apply ITRM Group framework and supporting processes for the IT Governance, Compliance,
    • Continuity & Security domains;
    • Provide technical guidance for security activities within company, in accordance with Group requirements,
    • Best practices and Industry standards;
    • Support initiatives that require Security assessment & execution;

    IT Risk & Cyber Management framework
    • Apply IT Risk framework as per policy ITG0051 for IT Security, IT Continuity, IT Compliance & IT Governance;
    • Alignment of practices (i.e. risk evaluation criteria and thresholds, risk matrices/heatmaps) across all risk domains in accordance with Group practices;
    • Implement IT risk management as per ITG0051, focusing Information Security, Compliance & Continuity;
    • Inspect risk scenarios to estimate the likelihood and impact of significant events to the organization.
    • Participate in assesment of assets & applications;
    • Reviews developments on Risk Acceptance Form Action plan and ensures progress is validated from a technical perspective, on a regular basis;
    • Support the IT risk awareness program and advocate Group best practices;
    • Review risk response plans ensuring that risk factors and events are addressed – from a technical perspective in competency domain;

    Cyber Security Incident Management
    • Subject Matter Expert for Cybersecurity Incident Response plan. Technical leader of the local CSIRT team,
    • acts as escalation point. Ensures Incident Management plan is operational and covers all defined scenarios. Tests readiness and performs Red Team exercises.
    • Leads CSIRT team from a technical perspective.

    IT Risk Monitoring
    • Monitor and report deviations to the IT Risk framework;
    • Consult on risk and inform relevant stakeholders of noted deviations. This includes the technical review of response plans.
    • Support independent (external, Inspection Generale) risk and process reviews.
    • Support risk & compliance, initiate corrective actions.

    IT Control Definition
    • Identify opportunities for local controls. Conduct risk analysis and validate with manager.
    • Implement validated controls;
    • Support process maturity increase & automate repeatable processes;
    • Identify control deficiencies and maturity gaps. Ensure that deficiencies are remediated and the solution is validated.

    Alte informatii

    • Annual bonus (correlated with performance);
    • Meal tickets (9,57 Ron/ticket);
    • Medical subscription for employee and his children – Sanador;
    • 24 vacation days;
    • Gym discounts - 7Card;
    • Bookster - virtual library;
    • 1day/work from home (after 3 months);
    • Christmas party.