Security Officer

Whoare we:

is an AI-driven custom software services company with 250 IT specialists with proven expertise in software & product engineering artificial intelligence business intelligence data analytics & integration services.

With offices in Switzerland Germany and 4 delivery centers in Romania we cover the entire development cycle from business research consulting and architecture to post-implementation testing and maintenance.

Our values:

• Partner of Choice: We put our customers at the center of everything we do building authentic trust-based relationships at every level. By deeply understanding their business goals and acting in their best interest we create long-term partnerships that last. Combining industry know-how with cutting-edge technology we become the partner our customers rely on when it matters most.
• Professional: We always deliver! with discipline and excellence on time on budget on quality. Powered by highly skilled teams strong engineering practices and efficient processes we turn complex challenges into reliable high-impact outcomes.
• Authentic: We take ownership of our work and our growth. Guided by a continuous learning mindset we strive to become the best version of ourselves acting with ambition curiosity and an extra-mile attitude in everything we do.
• Team: We believe our strength lies in moving forward together. Trust collaboration and shared accountability enable us to achieve more than we ever could alone. By supporting one another and valuing every contribution we create an environment where people grow excel and deliver real impact. We grow together we learn together we build together

Location and Work Setup: The position is based in the Bucharest Office near Grozavesti metro station with a flexible hybrid way of working.

Key Responsibilities:

• Act to enforce security and information protection policies in accordance with the provisions of the bank Articles of Incorporation and specific regulations;
• Analyse and investigate security incidents assigned directly for resolution or posted in the dedicated application. Analyse and investigate customer complaints and reports regarding information security and confidentiality;
• Utilize threat intelligence feeds to identify emerging risks and correlate with internal telemetry
• Collect and disseminate intelligence across the organization to detect prevent and mitigate cyber threats
• Provide assistance in receiving addressing and reporting critical security incidents;
• Monitor evaluate and report on the evolution of threats and vulnerabilities of IT systems;
• Continuously monitor digital channels to identify phishing smishing and vishing campaigns.
• Analyze and validate alerts block malicious sources and coordinate response actions with the SOC.
• Improve detection scenarios and support simulated phishing programs.
• Monitor customer transactions and user behavior to detect anomalies or potential fraud.
• Investigate security incidents impacting customers (account takeover unauthorized transactions fraudulent actions).
• Work with Payments Fraud and Digital Banking teams to improve customer protection measures.
• Detect and investigate fake profiles impersonating bank employees or the corporate brand.
• Initiate takedown procedures with platform providers and follow up on case progress.
• Analyze social engineering trends and recommend preventive measures.
• Conduct end-to-end investigations of security cases reported by customers: log analysis URL review header inspection digital evidence gathering.
• Identify the root cause of each incident and recommend remediation actions.
• Provide clear professional communication to Customer Care and Fraud teams regarding findings.
• Investigate alerts related to privileged or sensitive users logging in outside standard business hours.
• Validate the legitimacy of activities escalate when needed and document outcomes.
• Tune alerts and collaborate with SOC to reduce false positives.
• Prepare onboarding documentation (log sources use cases integration details detection rules).
• Configure log collection set up secure connections and validate the ingestion process.
• Test data quality define initial alerting rules and document the full setup.
• Gather analyze and disseminate indicators of compromise (IOCs) attack techniques (TTPs) and intelligence reports.
• Integrate CTI into SIEM rules phishing scenarios investigation playbooks and detection pipelines.
• Collaborate with Group CTI teams and contribute to coordinated threat intelligence efforts.
• Use your ability to create automation scripts (Python PowerShell) for: log enrichment vulnerability scanning phishing-email triage workflows
• Ensure the provision of information and the introduction of the concept of security education and professional training;
• Execute work related to responding to internal and external audit missions;
• Participate in ensuring the security and protection of classified information;

Required Skills & Experience:

• Education: Bachelors Degree or higher;
• Minimum 3 years experience in the field of Information Security;
• Experience in cybersecurity fraud prevention SOC operations or threat monitoring.
• Strong understanding of phishing social engineering digital fraud and security protocols.
• Hands-on experience with SIEM platforms
• Excellent analytical skills and attention to detail.
• Ability to work with sensitive information and react quickly in critical situations.
• Clear communication skills and the ability to translate technical findings into actionable recommendations.
• English language proficiency.

Nice to Have / Openness:

• Certifications: CEH SCCP other specific IT and IT security technology courses and certifications

What we offer:

• Learning platforms: Udemy Master Minds LinkedIn Learning
• Internal Technical (including Training held by certified trainers) & Soft skills Training
• Medical Subscription
• Gym Deduction
• Bookster Subscription
• library - we cover the costs for all specialized books our colleagues want to read
• Wellbeing activities
• Flexible working hours
• Flexible office/Work from-home Policy
• Constant internal events such as team building thematical parties hackathons team celebrations
• minditNomad - all houses are available to book by people to build a flexible context for all colleagues to work and have fun in great locations across the country ( Comarnic Cluj Iasi Sibiu)
• An organizational culture that values employee contribution and empowerment
• 2 extra days of vacation designated for wellbeing
• Free Therapy Sessions provided by

Gettoknowusbetterhere: