IT Security Analyst

Edenred is a pioneer, a tech leader and the everyday companion for people at work across the world.
Our 12,000 employees are committed to making the world of work a better place for all, one that is safer, more efficient and more user-friendly. At Edenred, our passion for customers, respect, imagination, simplicity and entrepreneurial spirit are our values. For anyone who needs to vibe in their professional life, we are the best place for you to work and grow.
The Edenred Digital Center (EDC) in Bucharest, Romania is Edenred Group's largest Digital hub for strategic #tech projects.

Experience
-We imagine several possible profiles; with possible adjustments to the position depending on profile:2 5 years of hands-on experience in IT security, or relevant experience.
-Juniors, with already strong autonomy and holding a Degree/Diploma in IT Security, or a Computer-related discipline with strong interest in security, or Risk Management with strong interest in IT technical topics

Knowledge and Skills
-Broad understanding of IT Security practices, inducing the ability to understand technical and compliance topics, if needed with the support of experts, related activities include:Understanding and assessing technical architecture diagrams, or technical designs
-Designing lists of items to check in projects to ensure good security level, that can be based on existing frameworks (for instance NIST, CIS 20)
-Identifying topics related to data protection and work together with data protection teams on those (GDPR)
-Willingness to develop their knowledge and show curiosity for business-related topics, such as:Design and risk associated to products
-Legal requirements applicable to the Edenred environments
-Business goals in projects and applications
-Ability to apply risk analysis approaches (for instance ISO 27005)
-Strong curiosity, willingness to understand more about both technical and business aspects
-Knowledge and understanding of security frameworks and methodologies for security
-Strong ability to adapt and innovate on approaches to suit the context and needs
-Ability to work in an international context
-Knowledge of Azure or equivalent cloud environment will be highly appreciated
-Ability to communicate and work in a transversal manner with different IT teams, including IT Operations, IT Security & Developers.
-Ability to communicate, explain technical topics to a wide variety of actors of different skill levels
-Good level of organization, be able to prioritize task and re-prioritize constantly
- Fluent spoken and written English

Context/ ROLE
As part of the company’s digital transformation, Edenred has launched a major program to improve its security practices.
We are looking for an IT Security Analyst, to be a member of the Central Application Security team. What the team does is to design application security tools, services, processes and guidelines and promote them to Edenred’s local business units, as well as directly applying them for central projects. It includes specialists in different areas including risk analysis, security architecture and secure coding, and works in close relation with other central security teams (IT Compliance & Resilience, Operations Security, Cybersecurity Teams) and Zone heads of security (EMEA, Americas, Asia & Pacific), as well as Business Teams, Legal Teams, Fraud Teams, Architecture, Development, Project Management, Operations Teams.
As part of its activities, the AppSec team provides to all its Business Units tools to be able to quickly assess and define security measures to implement on projects and existing applications, as well as to perform assessments on the level of security of third parties. It also performs complete risk analysis on demand.
A certain level of maturity has been reached on those practices and related tools, but they need to be grown, continuously improved and generalized across all business units. The strategy to do so while keeping a reasonable workload on security teams is to give easy to use tools to business and IT application owners, so they have a very clear understanding of what are the measures they must put in place and limit the security team direct intervention to promoting the approach and studying more in depth innovative or difficult topics, or edge cases.

Responsibilities
Reporting to the Head of Information Security Testing, the IT Security Analyst would be responsible for driving - with the support of the whole team and their expertise - the assessment tools, for both project, applications and third parties, as well as performing some risk analysis together with other team members. The IT Security Analyst is a generalist working with a wide array of profiles. They have a broad technical understanding of security and can understand technical architectures, even though it doesn’t need to be in-depth, and is open and willing to understand the business activities to link together business questions and technical or process-based answers.

The IT Security Analyst will:
-Drive, continuously improve and promote the current security assessment tools by:Following the deployment of those tools, and getting permanent feedback from Application Owners and Local Security Leaders
-Directly perform such assessments on Group-led projects, applications, or contracts
-Including new developments in terms of security tooling, procedures or practices designed by the rest of the security team
-Considering requirements or needs coming for Business Fraud or Data Protection teams
-Support the Business Units and follow the deployment of those tools
-Perform deeper risk analysis on critical or innovative projects
-Improve the understanding of the business risks for Edenred, working together with other departments involved in risk management (mainly fraud management teams and personal data protection teams)
-Adjusting the global proposition of security measures based on Edenred’s activities and current threat landscape

Joining us means:

-Taking part in an ambitious corporate project
-Becoming part of a team that embraced the digitalization challenge and enjoys this transformation every day
-Living our values every day: passions for customers, respect, imagination, simplicity, entrepreneurial spirit.

Because:

-You will greatly contribute to build the project that will improve the customers’ experience on an international level
-You will get exposure to various global cultures and teams
-You will be working with the newest technologies to build a new platform from scratch
-We offer you a very pleasant working environment, in the heart of Bucharest
-We also have for you: meal tickets, holiday vouchers, health subscription, flexible hours, work from home, flexible benefits system, on-the-job training & e-learning platforms.

And we do not stop here!