Team Leader IT Security Officer

Angajator: Vauban
Domeniu:
  • IT Software
  • Tip job: full-time
    Nivel job: > 5 ani experienta
    Orase:
  • BUCURESTI
  • Actualizat la: 14.11.2018
    Scurta descriere a companiei

    Vauban is a great independent Romanian Group with more than 11 years of sustainable and healthy growth. We do focus on innovation, learning, entrepreneurship and capacity to find new solutions. The company figures are +450 consultants, +100 clients, having locations in Romania and France.
    Our teams daily deliver Technology Services as consultancy (missions at clients’ premises), and also from our delivery center (integration & application development in digital and BI, Software as a Service management, Production, security and infrastructure).
    Vauban is also the Romanian partner with Top premium software editors, leader in data governance and security, being responsible to integrate the solutions and to ensure local support.

    Cerinte

    • Communication and negotiation skills;
    • Analysis and synthesis capability;
    • Correlation capacity between events;
    • Distributive attention;
    • Results and customer oriented;
    • Team spirit;
    • Self-organizing capacity;
    • Punctuality in carrying out tasks;
    • Independent working capacity;
    • Initiative;
    • Good interpersonal skills at all levels;
    • Self-Motivated;
    • Flexible and able to adapt to change;
    • A highly visible people oriented style with the assertiveness, determination and relationship building skills to challenge objectives and ensure positive results;
    • Good influencing skills and a positive opinion leader;
    • Positive, enthusiastic attitude;
    • Calm and patient under pressure;
    • Must demonstrate drive and enthusiasm to take positive action and progress projects to a conclusion.

    Responsabilitati

    Job’s objectives
    • Manage Group Cyber Security framework to control IT & Cyber Security risks;
    • Management of the IT security and risk control plan;
    • Establish Cyber Security requirements for partners (3rd parties);
    • Improves business continuity through IT security and risk controls;
    • Presents reports, risks assessments and the relevant information to management;
    • Perform technology and regulatory watch in domain of competence;
    • Member of the first line of defense and directly reports to the CEO.

    Governance
    • Implement and provide Governance ITRM Group framework and supporting processes for the IT Governance, Compliance, Continuity & Security domains;
    • Provide Governance for security activities within company, in accordance with Group requirements, Best practices and Industry standards.

    IT Risk & Cyber Management framework
    • Implement the IT Risk framework as per policy ITG0051 for IT Security, IT Continuity, IT Compliance & IT Governance;
    • Ensure alignment of practices (i.e. risk evaluation criteria and thresholds, risk matrices/heatmaps) across all risk domains in accordance with Group practices;
    • Supervise IT risk management as per ITG0051, focusing Information Security, Compliance & Continuity;
    • Assemble risk scenarios to estimate the likelihood and impact of significant events to the organization. Maintain a risk register to ensure that all identified risk factors are recorded;
    • Establish enterprise risk management strategy & present to local Management;
    • Manage Risk Acceptance Forms and ensures Accepted Risks are reviewed regularly;
    • Develop a IT risk awareness program and conduct training to ensure that:
    a. Stakeholders understand risk and contribute to the risk management process
    b. Promote a IT risk-aware culture
    • Support implementation of risk response plans ensuring that risk factors and events are addressed.

    IT Risk Monitoring (delegated to Security Team Members)
    • Monitor and report deviations to the IT Risk framework;
    • Monitor risk and inform relevant stakeholders ensuring effectiveness of risk management strategy. This includes the monitoring of response plans;
    • Request independent risk and process reviews to ensure that risks are managed effectively;
    • Report risk & compliance, initiate corrective actions and meet business and regulatory requirements.

    IT Control Execution (delegated to Security Team Members)
    • Perform Group controls. Perform locally defined controls;
    • Evaluate the current state of process maturity & compare to targeted maturity;
    • Identify control deficiencies and maturity gaps. Ensure that deficiencies are appropriately considered and remediated;
    • Maintain adequate evidence to support conclusions on the existence and operating effectiveness of controls.

    3rd Party Management
    • Manage 3rd party suppliers from a Security, Compliance and Continuity perspective, in such a way that Group requirements are met. Reviews quality of service in competence domain.

    Cyber Security Incident Management
    • Implements and manages Cybersecurity Incident Response plan. Ensures plan is comprehensive and effective. Ensures that all involved partners are prepared and aware of their role
    • Leads CSIRT team. Negotiates with partners, Group and 3rd parties to ensure adequate coverage – including skillset and equipment.
    • Liaise with Data Protection Officer & Chief Data Officer

    Team Management
    • Manage Security Team. Participate in management meetings focusing on Security aspect of initiatives;
    • Estimate effort, priority, skillset. Performs resource management. Prioritizes initiatives in order to meet requirements and planned activities;
    • Grows, develops and motivates team members

    Alte informatii

    Benefits:
    • Annual bonus (correlated with performance);
    • Meal tickets (9,57 Ron/ticket);
    • Medical subscription for employee and his children – Sanador;
    • 24 vacation days;
    • Gym discounts - 7Card;
    • Bookster - virtual library;
    • 1day/work from home (after 3 months);
    • Christmas party.