Application Security Analyst with Advanced French

This job is no longer active!

View all jobs Karalius Consulting and Engineering active


View all jobs Application Security Analyst with Advanced French active on Hipo.ro

View all jobs Banks - Financial Institutions active on Hipo.ro

View all jobs IT Hardware active on Hipo.ro

View all jobs IT Software active on Hipo.ro


Employer: Karalius Consulting and Engineering
Domain:
  • Banks - Financial Institutions
  • IT Hardware
  • IT Software
  • Job type: full-time
    Job level: 1 - 5 years of experience
    Location:
  • BUCHAREST
  • nationwide
    Updated at: 20.02.2017
    Remote work: On-site
    Short company description

    Our company was founded in August 2015 and our main objective consists of outsourcing the software development services provided to the European clients of Karalius Group, which unfold their activity in Romania. Another fundamental objective for us is broadening our area of activities, managing to offer our services to other potential interested companies, based in Bucharest.

    Requirements

    • Skills in Information System to discuss with the IT interlocutors and knowledge in Banking system to understand Business representatives,
    • Application and Infrastructure security expertise,
    • Have already managed security risk analysis and defined the IT security recommendations adapted to
    projects and applications scopes,
    • Good relationship skills to lead interviews and adapt its speech according to the interlocutors.
    • The French and English languages must be acquired for a use at a professional level (written, spoken, read: Level B2 / C1).
    • The CISSP, the ISO standard 27000 knowledge (27001:27005) and the banking system knowledge are strongly recommended.

    Knowledge domains

    • The approached domains include the application security requirements definition according to AICT criteria, as well as the evaluation of the Risk impacts for the bank (Financial, Legal, Image, ...), information systems, their infrastructure and their security (authentication, right and access management, database security, data classification, data interchange protocols, etc.).

    TOOLS AND STANDARDS

    • Microsoft Office (Excel, Word, PowerPoint),
    • SG Group and GBIS Security policies (application, data, ...),
    • SAFE tools and documentations used for Security Risk Analysis.

    Responsibilities

    • Interviews with Application Managers (IT representatives) and Application Owners (Business representatives) to assess the sensibility of the applications (ASA - Application Sensitivity Assessment),
    • Security risk analysis on projects or applications (SYCO – Security Contract).

    Operational Objectives:

    • ASA Execution (Application Sensitivity Assessment):
    • Schedule interview meetings with Application Owners and Application Managers,
    • Perform (lead) the interview using ASA document and support Application Owners and Application

    Managers filling the questionnaire,

    • Follow-up the ASA validation process,
    • Perform the follow-up with transversal ASA management.
    Project Risk Analysis Execution (Security Contract – SYCO):
    • Attend to project’s « Routing meeting » (presentation of the project by the Project Managers at the beginning of the projects), leading to project risk analysis,
    • Collect data and information required for the risk analysis from the Project Manager and Application Managers,
    • Formalize and send the security risk analysis and related security recommendations to the project manager using appropriate tools,
    • Support project managers in the implementation of the security recommendations,
    • Validate action plan provided by Application Managers to implement security recommendations.

    Contribute to ASA and SYCO Processes coordination:

    • Help to prioritize ASA and SYCO to be performed per Business Lines,
    • Be the backup of APS team members on same topics. •

    Contribute to Controls execution and reporting:

    • Make sure controls are well performed and data quality is satisfying,
    • Report on its daily activity on a weekly and monthly basis using APS tools.

    Contribute to processes enhancement:

    • Help to improve processes to make them more efficient and relevant.

    AUDIT RECOMMENDATION

    • For ASA and SYCO processes, contribute to answer internal and external audit requests and recommendations on time.

    Other info

    Benefits
    • Competitive remuneration and benefits package, based on qualifications and experience;
    • Possibilities of promotion and development of a career plan;
    • Permanent employment contract.
    • A modern working environment: open, informal, fun and start-up atmosphere

    Job-uri similare care te-ar putea interesa:

    Aplica fara CV
    BUCURESTI,

    Aplica fara CV
    Hybrid

    Hybrid

    Vezi job-uri similare (626)