IT Security Incident Expert

Bucharest - Romania

Monthly Salary: Not Disclosed

Posted on: 16 hours ago

Vacancies: 1 Vacancy

Job Summary

Take a step forward and let Edenred surprise you.

Every day we deliver innovative solutions to improve the life of millions of people connecting employees companies and merchants all around the world.

We know there are hundred ways for you to grow. With us you will expand your skills in a multicultural challenging and dynamic environment.

Dare to join Edenred and get ready to thrive in a globalcompany that will offer you endless opportunities.

Edenred is all about meritocracy. You come as you are and you contribute. Indeed the Edenred Group recognizes recruits and develops all talents and singularities.

We are committed to preventing all forms of discrimination and to providing all our candidates with equal opportunities regardless of their gender and gender expression disability origin religious belief and sexual orientation or any other criteria.

ABOUT EDENRED

Edenred is a pioneer a tech leader and the everyday companion for people at work across more than 44 countries.

Our 12000 employees are committed to making the world of work a better place for all one that is safer more efficient and more user-friendly. At Edenred our passion for customers respect imagination simplicity and entrepreneurial spirit are our values. For anyone who needs to vibe in their professional life we are the best place for you to work and grow.

The Edenred Digital Center (EDC) in Bucharest Romania is Edenred Groups new Digital hub for strategic IT projects.

Context/ROLE

As part of the Edenred Global Information Security Team (lead by the Edenred Global Chief Information Security Officer) this position will be reinforcing the currently existing Security Operations Team which manages and supervises security incidents & alerts leads the Security Operations Center and improve security on our Infrastructures. The Security Operations Team works with IT and business management to ensure proper end to end management of security incident from detection to resolution and post incident action plans.

Position SCOPE & Key Responsibilities

The IT Security Incident Expert will be reporting directly to the Computer Emergency Response Team lead within the Incident Response Team.

The IT Security Incident Expert will:

Contribute to the development of the Edenred Computer Emergency Response Team based on the Security Operations Team capabilities the Global Centers of Expertise and the Information Security leaders in the Business Units.
Triage investigate and resolve security alerts across SIEM EDR email security cloud security and network telemetry.
Act as a Security Incident Manager for priority incidents: drive incident command comms runbooks and crossteam coordination to resolution.
Report security incidents in a timely manner with calibrated report and communication according to the targeted stakeholders (Line Management C-Level Data Privacy Business Line Business Units Technology teams etc.).
Work closely with Edenred Security Operation Center (SOC) Application owners IT infrastructures & operations business owners and local CISO to update and create detection use cases.
Improve alert logic: build/tune SIEM/SOAR/EDR detections refine use cases add context enrichment and reduce false positives.
Design and build security Playbooks and procedures to SOC Centers of Expertise and BU to manage security incidents. Playbooks refer to a specific procedure to deploy to respond to a specific type of incident threat or risk. Implement threat intelligence and threat hunting activities
Perform root-cause analysis and lead post-incident reviews with actionable remediation and detection enhancements.
Ensure that legal or regulatory requirements are respected (working closely with Legal department and Data Privacy).
Collaborate with Threat Intel Platform and IT to close control gaps and strengthen preventive/detective posture.

As part of Global Security Operations Team and depending on your background you will also be part of other topics addressed by the Global IT security team.

The Security Operations Expert will interface with many stakeholders in Technology Business and support functions (e.g. Legal & Data Privacy Risk Management Human resources) and from many countries/regions (Head quarter EMEA Americas APAC). It will give you the opportunity to acquire a good understanding of all Edenreds activities and their evolution. This will be excellent levers to continuity your career within Edenred.

Required skills & profile

Experience

6 years in SOC IR or Detection Engineering roles.
Strong experience with SIEM (e.g. Splunk) EDR/XDR (e.g. Defender TrendMicro CrowdStrike) SOAR and Azure technologies.

Nice to have:

Experience in IT incident management
Knowledge of attacker TTPs (MITRE ATT&CK) Windows/AD/Linux fundamentals cloud (M365/Azure/AWS) and network security.
Certification in information security (or related) such as GIAC CISSP Azure Security
Experience with threat hunting purple teaming and log engineering.

Languages:

Mandatory: English - Current team split between Paris and Bucharest many interactions with other regions - all meetings and deliverables must be in English
Nice to have: Spanish or French

Soft Skills:

Rigorous and ability to track actions till closing
Ability to report and discuss with non-IT profiles
Ability to analysis details and report summary
Solution oriented

VIBE WITH US

Joining us means:

Taking part in an ambitious corporate project
Becoming part of a team that embraced the digitalization challenge and enjoys this transformation every day
Living our values every day: passions for customers respect imagination simplicity entrepreneurial spirit.

Because:

You will greatly contribute to build the project that will improve the customers experience on an international level
You will get exposure to various global cultures and teams
You will be working with the newest technologies to build a new platform from scratch
We offer you a very pleasant working environment close to Bucharests city center
We also have for you: meal tickets holiday vouchers health subscription flexible hours work from home flexible benefits system on-the-job training & e-learning platforms.

And we do not stop here!

OUR COMMITMENT

Edenred is all about meritocracy. You come as you are and you contribute. Indeed the Edenred Group recognizes recruits and develops all talents and singularities.

Apply now and Vibe with Us!

Take a step forward and let Edenred surprise you.Every day we deliver innovative solutions to improve the life of millions of people connecting employees companies and merchants all around the world.We know there are hundred ways for you to grow. With us you will expand your skills in a multicultura...

Take a step forward and let Edenred surprise you.

Every day we deliver innovative solutions to improve the life of millions of people connecting employees companies and merchants all around the world.

We know there are hundred ways for you to grow. With us you will expand your skills in a multicultural challenging and dynamic environment.

Dare to join Edenred and get ready to thrive in a globalcompany that will offer you endless opportunities.

Edenred is all about meritocracy. You come as you are and you contribute. Indeed the Edenred Group recognizes recruits and develops all talents and singularities.

ABOUT EDENRED

Edenred is a pioneer a tech leader and the everyday companion for people at work across more than 44 countries.

The Edenred Digital Center (EDC) in Bucharest Romania is Edenred Groups new Digital hub for strategic IT projects.

Context/ROLE

Position SCOPE & Key Responsibilities

The IT Security Incident Expert will be reporting directly to the Computer Emergency Response Team lead within the Incident Response Team.

The IT Security Incident Expert will:

Contribute to the development of the Edenred Computer Emergency Response Team based on the Security Operations Team capabilities the Global Centers of Expertise and the Information Security leaders in the Business Units.
Triage investigate and resolve security alerts across SIEM EDR email security cloud security and network telemetry.
Act as a Security Incident Manager for priority incidents: drive incident command comms runbooks and crossteam coordination to resolution.
Report security incidents in a timely manner with calibrated report and communication according to the targeted stakeholders (Line Management C-Level Data Privacy Business Line Business Units Technology teams etc.).
Work closely with Edenred Security Operation Center (SOC) Application owners IT infrastructures & operations business owners and local CISO to update and create detection use cases.
Improve alert logic: build/tune SIEM/SOAR/EDR detections refine use cases add context enrichment and reduce false positives.
Design and build security Playbooks and procedures to SOC Centers of Expertise and BU to manage security incidents. Playbooks refer to a specific procedure to deploy to respond to a specific type of incident threat or risk. Implement threat intelligence and threat hunting activities
Perform root-cause analysis and lead post-incident reviews with actionable remediation and detection enhancements.
Ensure that legal or regulatory requirements are respected (working closely with Legal department and Data Privacy).
Collaborate with Threat Intel Platform and IT to close control gaps and strengthen preventive/detective posture.

As part of Global Security Operations Team and depending on your background you will also be part of other topics addressed by the Global IT security team.

Required skills & profile

Experience

6 years in SOC IR or Detection Engineering roles.
Strong experience with SIEM (e.g. Splunk) EDR/XDR (e.g. Defender TrendMicro CrowdStrike) SOAR and Azure technologies.

Nice to have:

Experience in IT incident management
Knowledge of attacker TTPs (MITRE ATT&CK) Windows/AD/Linux fundamentals cloud (M365/Azure/AWS) and network security.
Certification in information security (or related) such as GIAC CISSP Azure Security
Experience with threat hunting purple teaming and log engineering.

Languages:

Mandatory: English - Current team split between Paris and Bucharest many interactions with other regions - all meetings and deliverables must be in English
Nice to have: Spanish or French

Soft Skills:

Rigorous and ability to track actions till closing
Ability to report and discuss with non-IT profiles
Ability to analysis details and report summary
Solution oriented

VIBE WITH US

Joining us means:

Taking part in an ambitious corporate project
Becoming part of a team that embraced the digitalization challenge and enjoys this transformation every day
Living our values every day: passions for customers respect imagination simplicity entrepreneurial spirit.

Because:

You will greatly contribute to build the project that will improve the customers experience on an international level
You will get exposure to various global cultures and teams
You will be working with the newest technologies to build a new platform from scratch
We offer you a very pleasant working environment close to Bucharests city center
We also have for you: meal tickets holiday vouchers health subscription flexible hours work from home flexible benefits system on-the-job training & e-learning platforms.

And we do not stop here!

OUR COMMITMENT

Edenred is all about meritocracy. You come as you are and you contribute. Indeed the Edenred Group recognizes recruits and develops all talents and singularities.

Apply now and Vibe with Us!