IT Security Senior Analyst – with French
Inetum is an agile IT services company that provides digital services and solutions and a global group that helps companies and institutions to get the most out of digital flow.
Vauban, the Romanian division of Inetum, is an important player in the IT services and solutions market in our country, with over 13 years of activity. Vauban has over 450 employees who provide, from the service centers in Bucharest, Pitesti and Constanta, IT consulting services, infrastructure and software development services, digital services, solutions for Smart City.
• Graduate / Post Graduate;
• Advanced IT Security background;
• Presentation skills (sales), pedagogy, didactics (adapted speech in non-it language), diplomacy
• Advanced level in French (>=C1) and English (>=B2) is a must;
• Basic security networking background;
• Good command of Microsoft Office, with focus on Excel and Power Point;
• Understanding of operational risk assessment;
• General knowledge of external cyber threats like phishing, malware and virus attacks;
• Able to manage multiple projects at the same time with multiple external partners;
• Fast and independent learner, able to work both with and without fixed procedures;
• Previous experience in performing risk analysis in business projects.
• Perform security risk analysis following Group methodologies on business projects including providers and partners;
o Ensure security is considered in business projects by performing risk analysis (identify security requirements, residual risks etc.);
o Raise awareness among the partners/providers on the importance and necessity of respecting the company security framework; synthesize information in a clear and easily readable format for partners/providers and make sure the security expectations are well understood;
o Become aware of the business context and the necessities of each provider/partner; act with diplomacy to create solid business relations with those stakeholders;
o Perform the security assessments of the Assurance’s applications based on the group methodology ASA (Application Security Assessment) getting inputs from business owners;
o Request for security requirements such as penetration testing and integrate results in the risk analysis;
• Offer security support
o In handling requests of derogation from the Group’s security policies, regarding website access, application installation, information flow etc.
o To other security requests such as route opening;
• Contribute to the GDPR program, application and data security part (Risk Analysis, update the security documents, business restitution, etc.);
• Contribute to the audit / evaluation of suppliers (partners, delegates, etc.);
• Participate in the realization of monthly and quarterly monitoring by updating security referential;
• Propose ideas for improving or optimizing the internal procedures and methodologies to make them more efficient or adapted to our stakes.
• Communication skills to liaise with various stakeholders and share knowledge within the team;
• Adaptability skills to deal with different situations (different topics, different stakeholders, different IT applications);
• Pragmatism skills to quickly identify relevant information and focus on risks;
• Team spirit skills;
• Confidentiality skills;
• Certifications in the requested fields (e.g. CISSP, CISM, ISO 27001 Lead Implementor, ISO 27005, etc.)
• Security architecture knowledge; security background in Cloud, Agile, API, Big Data, IAM.
• Interesting salary conditions
• Undetermined period of contract
• Career plan (professional, academic and financial)
• Medical insurance
• Official training's and certifications
• Lunch tickets
• Work from home 2 days a week
• Yearly professional evaluation
• Professional and friendly working environment