Information Security Expert
Information Security Expert
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Take a step forward and let Edenred surprise you.
Every day we deliver innovative solutions to improve the life of millions of people connecting employees companies and merchants all around the world.
We know there are hundred ways for you to grow. With us you will expand your skills in a multicultural challenging and dynamic environment.
Dare to join Edenred and get ready to thrive in a globalcompany that will offer you endless opportunities.
Edenred is all about meritocracy. You come as you are and you contribute. Indeed the Edenred Group recognizes recruits and develops all talents and singularities.
We are committed to preventing all forms of discrimination and to providing all our candidates with equal opportunities regardless of their gender and gender expression disability origin religious belief and sexual orientation or any other criteria.
- ABOUT EDENRED
Our 10000 employees are committed to making the world of work a better place for all one that is safer more efficient and more user-friendly. At Edenred our passion for customers respect imagination simplicity and entrepreneurial spirit are our values. For anyone who needs to vibe in their professional life we are the best place for you to work and grow.
The Edenred Digital Center (EDC) in Bucharest Romania is Edenred Groups largest Digital hub for strategic Tech projects.
- Context/ ROLE
Edenred is implementing a worldwide strategy to improve IT security & compliance and protect the business. This strategy is sustained by 4 major pillars.
1. PEOPLE - Anchor cyberculture in the company with best practices awareness training
2. RULES - Enforce IT security policies applicable to the whole Group
3. DELIVERY - Implement global IT security projects & services to improve the security level
4. PERFORMANCE - Develop a culture of control & performance to assess the improvements
We are looking for an Information Security Expert to be a member of the Global Security Team.
- n SCOPE & Key Responsibilities
Reporting to EMEA Information Security Leader the IT Security Governance Expert will support the EMEA zone of Mobility Business Line to improve governance quality and accelerate delivery.
She/He will be an essential support in the region to improve the IT Security and Resilience of the BUs according to our roadmap and strategy: identify protect & comply detect respond recover and train.
This position is an opportunity for she/he to work on strategic applications and projects with many experimented and involved business and IT stakeholders. It will be key to demonstrate project management skills have a clear understanding of the topics and propose organizational and/or technical solutions to reach the objectives.
- What you will do
- Roll out the Security Program at Business Line level including:
- Security Committees & KPIs: preparation & collection of information and of deliverables
- Maturity: roadmap implementation of security control framework in the Business Units
- Manage Security Awareness process.
- IAM: deploy process/tool add automation to access reviews.
- SCA/MFA: Coordinate the SCA/MFA implementation.
- PAM: Coordinate the implementation of PAM solution.
- Act as the primary point of contact for client security inquiries and assurance requests ensuring alignment with our security controls
- Develop and maintain a third-party risk management framework that aligns with our security controls to assess and monitor the security posture of vendors and partners.
- Coordinate the IT & Security resilience process supporting BU to build perform/maintain Group IT & security resilience controls.
- Update BIA definition and plan IT DRP implementation & exercises
- Perform Cyber security incident response tabletop exercises.
- Managing cyber security incident in close collaboration with business technology legal stakeholders and CIRT
- Ensure secure development process lifecycle for business top products and applications.
- Security by Design applied for the new business-critical products/applications using Agile methodology and integrating into CI/CD.
Key Stakeholders:
The Information Security Leader will mainly interact with internal stakeholders:
- At BU level
- IT Leaders (CTOs)
- IT Application Owners & Business Analysts
- IT Security Architecture & Infrastructure Leaders
- Data Protection Correspondent (DPC)
- Human Resources Legal and Business teams
- At region/zone business line and global level
- Zone IT Security Leader (N1)
- IT Security Center of Expertise (AppSec IAM IT Compliance & Resilience Cyber-Program Security Operations)
- Other Global functions in Global Technology (architecture and infrastructure)
Experience
- Significant experience within the Information Security field (5 years)
Contract type
- Permanent contract full time including regular business trips to the BUs.
collaborative atmosphere
- Knowledge and skills
Soft skills:
- Pragmatic and solution oriented
- Result and performance oriented with a can-do attitude and be able to persuade/ influence others in the organization.
- Clear concise reporting outlining key points
- Work independently with agreed remit and autonomy
- Passionate about functional and technical subjects with a proven and successful experience in deploying projects in conjunction with international IT and business leaders
- Manage several requests and parallel work streams
Language fluent in English both written and spoken.
Hard skills:
- A significant experience in the following domain is essential: IT & Cyber security Resilience operations (incl. BIA DRP BCP)
- Experience in at least two of the following domains is expected: Identity & Access Management (IAM) IT security incident response cloud security vulnerability management.
- A good knowledge of cyber risk frameworks (e.g. NIST ISO 27001 CIS) ) and regulatory requirements (e.g. GDPR HIPAA) secure development best practices or payment solutions security will be appreciated.
Nice to have:
- You possess a certificate in risk/security (CISA CISM or CISSP) or equivalent.
- VIBE WITH US
Joining us means:
- Taking part in an ambitious corporate project
- Becoming part of a team that embraced the digitalization challenge and enjoys this transformation every day
- Living our values every day: passions for customers respect imagination simplicity entrepreneurial spirit.
Because:
- You will greatly contribute to build the project that will improve the customers experience on an international level
- You will get exposure to various global cultures and teams
- You will be working with the newest technologies to build new platforms
- We offer you a very pleasant working environment in the heart of Bucharest
- We also have for you: meal tickets holiday vouchers health subscription flexible hours work from home flexible benefits system on-the-job training & e-learning platforms.
And we do not stop here!
- Other details
- Expected start date: Early Q4 2025
- Location: Bucharest Romania
Apply now and Vibe with Us!
Employment Type
Full-Time
