Information Security Expert

Employer: Provident Financial Romania
Domain:
  • Banks - Financial Institutions
  • Job type: full-time
    Job level: 1 - 5 years of experience
    Location:
  • BUCHAREST
  • Updated at: 26.09.2020
    Short company description

    Suntem o echipă profesionistă şi primitoare şi împărtaşim aceleaşi valori: respect, responsabilitate, claritate. Succesul nostru se bazează pe oamenii nostri. Atragem, dezvoltăm şi păstrăm oameni talentaţi şi cu abilităţi extraordinare. Ca tine.

    Requirements

    Provident Financial Romania, part of the International Personal Finance (IFP) group, is looking for an Information Security Expert.

    Knowledge:

    • Industry trends and innovations in this field
    • Information Security basics
    • Business continuity management and planning understanding
    • IT Security
    • IT Security tools (SIEM, IDS/IPS, Vulnerability scanners, WAF, DDoS, Firewalls)
    • ISO27001, BS 22301, COBiT and ITIL knowledge
    • GDPR / DPA knowledge

    Abilities:

    • Intermediate knowledge of risk, compliance and security management within an Information Technology environment
    • Knowledge and application of continuous improvement methodology
    • Good written and verbal communication skills
    • Ability to communicate in English
    • Analytical mind set to identify risk and analyze security gaps
    • Strong skills in planning, controlling and monitoring
    • Self-motivation and well organized
    • Strong stakeholder management

    The experience:

    • Financial services knowledge
    • Performed role of Information Security Officer, IT Security Officer and/or Business Continuity Officer
    • Relevant industry experience, min. 3 years

    Responsibilities

    Responsibilities:

    • Responsible for implementing and managing IT security policies, procedures, standards, guidelines and controls regarding information risk, especially in area of IT.
    • Provides advisory service for the global IT community in IPF/Provident/IPF Digital to ensure that across the markets security controls, risk, policies, processes are operated to contain risk, be consistent, compliant and secure.
    • Coordinate security event monitoring & analysis related to security violations, potential vulnerabilities and alerts from detection systems.
    • Supports in the development of remedial action plans for areas of IT that are found to be non-compliant with policies, best practice and /or audit findings.
    • Assess and review IT security controls to minimize the threat of security breach as directed.
    • Coordinate and lead on all internal and external audit responses and support in concluding any remedial action plans.
    • Will provide guidance and input on projects to ensure new or modified IT services are deployed in line with risk, compliance and security procedures and policies.
    • Provides an urgent response service in the event of a security breach.
    • Continuously monitors IT security market, identifies new threats and protection solutions.
    • Manage IT alignment to the corporate Business Continuity Policy by ensuring measures in place to manage IT systems disruptions and recover functionality.
    • Supports the Information Security team.
    • Ensure IT have a robust access management process to prevent unauthorized access.
    • Make sure IT systems are managed and secured adequately to the risk.
    • Ensure required security controls are applied – such as antimalware, anti-virus, log management, encryption.

    Other info

    Other:

    • Periodic international travels (once per month in average)
    • Open to changes / flexible