Senior IT Security Analyst
Inetum is an IT services company that provides digital services and solutions and a global group that helps companies and institutions to get the most out of digital flow. The Inetum group is committed towards all these players to innovate, continue to adapt and stay ahead. With its multi-expert profile, Inetum offers its clients a unique combination of proximity, a sectorial organization and solutions of industrial quality. Operating in more than 26 countries, the Group has nearly 27,000 employees and in 2020 generated revenues of €1,965 billion.
Inetum Romania is an important player in the IT services and solutions market in our country, with over 14 years of activity. It is a stable, growing and profitable company with over 500 employees who provide, from the service centers in Bucharest, Pitesti and Constanta, IT consulting services, infrastructure and software development services, digital services, solutions for Smart City.
Vulnerability scans and findings remediation ;
Working knowledge of software vulnerabilities (i.e., SQL Injection, XSS, buffer overflows)
Working knowledge of scripting languages (i.e., PowerShell, Python)
Experience with SIEM ; security event logging & monitoring analyzers ;
Experience with DLP ;
Intrusion Detection/Prevention System (IDS/IPS) and firewall logs ;
Performs system and network security audits ;
Anti-virus products ;
Single SignOn Architectures (SSO) ;
HTTP and TCP/IP analysis ;
Working knowledge about firewalls, Proxy, WAF ;
Pentests and findings remediation ;
Working knowledge of Public/Private Key Infrastructure and the management of digital certificates ;
Basic to intermediate knowledge of Endpoint Protection solution in an enterprise environment ;
General knowledge of Linux and Windows Operating Systems with the focus of security administration.
• Manage open security requests and incidents to ensure all work is delivered on time and with high quality ;
• Perform information security control reviews :
• Identify and analyze risks to determine the adequacy of existing security controls ;
• Respond to open security issues to mitigate risks ;
• Investigate security breaches and other cybersecurity incidents ;
• Apply security policies and measures to protect systems and information infrastructure, including firewalls and data encryption programs ;
• Analyze and classify the preliminary risk profile for applications and systems and highlight the information security risk factors based on company policies ;
• Document security breaches and assess the damage they cause ;
• Fix detected vulnerabilities to maintain a high-security standard ;
• Complete and present to security management and business sponsors a risk assessment evaluation articulating risk and impact analysis when security controls cannot be met by an initiative to ensure transparency and appropriate level of acceptance ;
• Maintain Information Security policies, standards, procedures, technical security baselines as applicable ;
• Regularly contribute to monthly reporting of information security risk treatment, mitigation, and risk metrics ;
• Develop company-wide best practices for IT security - user awareness.