Information Security Officer
Vauban is a great independent Romanian Group with more than 11 years of sustainable and healthy growth. We do focus on innovation, learning, entrepreneurship and capacity to find new solutions. The company figures are +450 consultants, +100 clients, having locations in Romania and France.
Our teams daily deliver Technology Services as consultancy (missions at clients’ premises), and also from our delivery center (integration & application development in digital and BI, Software as a Service management, Production, security and infrastructure).
Vauban is also the Romanian partner with Top premium software editors, leader in data governance and security, being responsible to integrate the solutions and to ensure local support.
• Education: Degree in Computer Science, Information Technology or related fields.
• Work experience in information security management / consultancy and/or related functions such as IT audit or IT Risk Management;
• Knowledge of information security standards and best practices like ISO 27000 family, PCI-DSS, COBIT 5 framework for information security;
• Knowledge and understanding of the latest European regulations and compliance requirements such as General data protection regulation (GDPR), Payment services Directive (PSD2), The Directive on security of network and information systems (NIS Directive);
• Experience in financial / banking area would be a plus;
• Previous experience as a system / network administrator is a plus;
• Relevant courses or certifications would be an advantage (CompTIA Security+ / CISA / CISM / CEH / CISSP / ISO2700X / PCI DSS).
• Participates in developing and keeping up to date the information security strategy and plans, information security policies and procedures and in monitoring their effective implementation;
• Contributes to the design of the information security architecture of the bank;
• Acts as main contact point for all information security items, issues and incidents;
• Contributes to the implementation of specific processes for handling the information security incidents, monitors their implementation and reports, escalates and manages specific information security incidents;
• Monitors the progress of corrective and preventive IT action plans;
• Analyzes alarms and alerts generated by specialized IT systems (like antimalware, intrusion detection systems, spam filters, SIEM or DLP) in order to identify the potential security threats;
• Handles and manages practical information security activities such as PKI administration, encryption keys management, etc.;
• Key participant and main contact point for all information security related tests, controls and IT audit activities;
• Elaborates and communicates documents and newsletters meant to increase users’ awareness and knowledge on information security issues;
• Provides guidance and support to bank’s employees for any information security related matters;
• Manage the IT risk assessment process including determining inherent risks, controls in place, action plans and residual risks;
• Prepares independent information security reports, when the case.
• Good communication and interpersonal skills;
• Fluency in English, both written and spoken;
• Able to balance daily tasks with projects related tasks;
• Analytical, detail oriented;
• Willingness to learn and experience;
• Planning and organization skills;
• Proficiency with MS Office tools.