Cyber Risk Architect
Inetum is an agile IT services company that provides digital services and solutions and a global group that helps companies and institutions to get the most out of digital flow.
Vauban, the Romanian division of Inetum, is an important player in the IT services and solutions market in our country, with over 13 years of activity. Vauban has over 450 employees who provide, from the service centers in Bucharest, Pitesti and Constanta, IT consulting services, infrastructure and software development services, digital services, solutions for Smart City.
This position is aligned within the CSO Enterprise Security Architecture (ESA). ESA develops, refines, and implements the cyber architecture risk management process with a focus on holistic security risk reduction, efficiency and effectiveness. This is achieved through development and enforcement of capability designs, security pillars, and ensuring project security architectures are compliant with the bank’s policies, procedures, and IS controls.
As a Cyber Risk Architect, the candidate will be responsible for assessing the security architecture design of various applications and platforms within the bank using a risk-based approach to confirm compliance. The candidate, will facilitate the understanding and shaping of end-to-end security strategy, governance, and architecture across IT projects, architectures, and designs. The candidate will also be responsible for assisting in the transition to a more agile environment, executing tasks designed to streamline the enterprise security architecture processes of the bank.
Additionally, the candidate will:
• Engage with other bank elements to assist all security architecture assessment efforts in integrating with Bank's overall IT vision/strategy/architecture
• Support the Lead Cyber Risk Architect on IT security strategic planning, risk analysis and other related topics as necessary
• Follow direction, oversight, advice and guidance to maintain a culture of architectural excellence: ‘Do it once, do it right’
• Documented experience assessing/measuring risk
• General understanding of cybersecurity threats, vulnerabilities, protection measures, and technologies faced by organizations
• Knowledge of the cybersecurity industry and techniques applied to both measure and reduce risk
• Excellent team member, able to work well in teams and in a matrix organization
• Strong stakeholder management & communication skills
Technical Skills and Certifications:
Cybersecurity certification, such as: CompTIA Security+, GIAC certification, Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or Certified Information Systems Manager (CISM).
Desirable Skills and Certifications:
Experience working in large multilayer global organizations with competing IT interests and goals
People Management :
• Actively supports the business strategy, plans and values, contributing to the achievement of a high performance culture
• Takes ownership for own career management, seeking opportunities for continuous development of personal capability and improved performance contribution
• Acts as a role model for new employees, providing help and support to facilitate early integration and assimilation of their new environment
• Experience with information security governance in an enterprise setting
• Familiarity with cyber security architecture using trusted computing model
• Working knowledge of security services such as encryption, authentication, and intrusion detection and prevention architectures, Identity & Access Management, application security and network security
• Strong team player - flexible, adaptable and able to work in fast paced environment
• Able to share information, transfer knowledge and expertise to team members
• Ability to search through existing bank resources to identify answers to architecture, process, and organizational questions
• Documented experience with requirements definition and specifications
• Experience testing software and measuring against documented requirements
• Ability to organize, transform, and report data using Excel
• Strong presentation skills and an ability to develop easy to understand PowerPoint briefs that utilize both text and graphics to relay information
• Working knowledge of IT management frameworks such as Control Objectives for Information and Related Technology (COBIT) and Information Technology Infrastructure Library (ITIL)
• Familiarity with ISO 27001, 27002, and 27005.
• Security auditing to include knowledge of financial industry regulations: Gramm-Leach Bliley Act (GLBA), Payment Card Industry (PCI), and Federal Financial Institutions Examination Council (FFIEC), Monetary Authority of Singapore (MAS)
• Experience working with a Global Financial Insititution
• Bachelor’s degree in Computer Science, Computer Engineering, or Information Systems degree (preferred)
• 5-7 years of progressive cybersecurity experience