IT Security Officer
Share
Job Location:
Monthly Salary:
Posted on:
Yesterday
Vacancies:
1 Vacancy
Job Summary
Whoare we:
is an AI-driven custom software services company with 250 IT specialists with proven expertise in software & product engineering artificial intelligence business intelligence data analytics & integration services.
With offices in Switzerland Germany and 4 delivery centers in Romania we cover the entire development cycle from business research consulting and architecture to post-implementation testing and maintenance.
Our values:
- Partner of Choice: We put our customers at the center of everything we do building authentic trust-based relationships at every level. By deeply understanding their business goals and acting in their best interest we create long-term partnerships that last. Combining industry know-how with cutting-edge technology we become the partner our customers rely on when it matters most.
- Professional: We always deliver! with discipline and excellence on time on budget on quality. Powered by highly skilled teams strong engineering practices and efficient processes we turn complex challenges into reliable high-impact outcomes.
- Authentic: We take ownership of our work and our growth. Guided by a continuous learning mindset we strive to become the best version of ourselves acting with ambition curiosity and an extra-mile attitude in everything we do.
- Team: We believe our strength lies in moving forward together. Trust collaboration and shared accountability enable us to achieve more than we ever could alone. By supporting one another and valuing every contribution we create an environment where people grow excel and deliver real impact. We grow together we learn together we build together
Location and Work Setup: The position is based in the Bucharest Office near Grozavesti metro station with a flexible hybrid way of working.
Key Responsibilities:
- Act to enforce security and information protection policies in accordance with the provisions of the bank Articles of Incorporation and specific regulations;
- Identify detect analyse and report information security threats and potential threats from various sources using various correlation techniques to categorize them. Subsequently propose measures to minimize the impact;
- Analyse and investigate security incidents assigned directly for resolution or posted in the Manage and resolve USD security tickets ensuring timely approvals validations and follow-up actions.
- Review and approve installation requests for new applications according to security policies and compliance standards.
- Evaluate approve and track new firewall rule requests ensuring alignment with network security best practices.
- Understand the risks in AI/ML systems and ability to detect AI-driven fraud deepfakes and automated phishing.
- Design configure and maintain Data Loss Prevention (DLP) rules to safeguard sensitive information and prevent data leakage.
- Continuously optimize DLP policies based on incident trends business needs and risk assessments.
- Monitor evaluate and report on the evolution of threats and vulnerabilities of IT systems;
- Administer and maintain banks platforms used for vulnerability scanning and risk assessment.
- Perform regular vulnerability scans analyze findings prioritize risks and coordinate remediation with technical teams.
- Drive the end-to-end vulnerability management lifecyclefrom discovery and reporting to follow-up and closure with system owners.
- Detect sophisticated attacks (e.g. lateral movement privilege escalation).
- Plan submit for approval and execute plans for periodic checks of vulnerability scanning systems and solutions according to the Banks internal standards;
- Collaborate with Red Team and support adversarial simulations (ransomware readiness etc.).
- Coordinate and execute periodic Run the Bank pentesting activities to identify security gaps across systems and applications and collaborate with internal teams and external partners to validate fixes retest vulnerabilities and support secure deployments.
- Use your ability to create automation scripts (Python PowerShell) for: log enrichment vulnerability scanning phishing-email triage workflows
- Ensure the provision of information and the introduction of the concept of security
- Analyse confidentiality agreements concluded with third parties and monitor compliance with internal regulations;
- Execute work related to responding to internal and external audit missions;
- Participate in ensuring the security and protection of classified information;
Required Skills & Experience:
- Education: Bachelors Degree or higher;
- Minimum 3 years experience in the field of Information Security;
- Hands-on expertise with vulnerability scanning tools DLP solutions
- Solid understanding of: network security concepts (firewalls ports protocols) vulnerability scanning methodologies common vulnerabilities (CVEs CVSS OWASP Top 10)
- Experience reviewing and validating security-related change requests (e.g. firewall rules installations).
- Familiarity with penetration testing workflows and remediation tracking.
- Strong analytical skills and ability to interpret technical security reports.
- Excellent communication skills with the ability to interact with technical and non-technical stakeholders.
- English language proficiency.
Nice to Have / Openness:
- Certifications: CEH SCCP other specific IT and IT security technology courses and certifications
What we offer:
- Learning platforms: Udemy Master Minds LinkedIn Learning
- Internal Technical (including Training held by certified trainers) & Soft skills Training
- Medical Subscription
- Gym Deduction
- Bookster Subscription
- library - we cover the costs for all specialized books our colleagues want to read
- Wellbeing activities
- Flexible working hours
- Flexible office/Work from-home Policy
- Constant internal events such as team building thematical parties hackathons team celebrations
- minditNomad - all houses are available to book by people to build a flexible context for all colleagues to work and have fun in great locations across the country ( Comarnic Cluj Iasi Sibiu)
- An organizational culture that values employee contribution and empowerment
- 2 extra days of vacation designated for wellbeing
- Free Therapy Sessions provided by
Gettoknowusbetterhere:
Required Experience:
Unclear Seniority
Key Skills
- Network security
- Risk Management
- Compliance
- Information Technology
- Security Requirements
- ISO
- Security Solutions
- Windows
- Access Control
- Vulnerability Assessments
- SOX
- Regulatory Agencies
- Business Units
- Incident Response
- Access Management
About Company
Take your enterprise to new levels with custom AI solutions and data-driven insights. Specializing in AI-driven data and software engineering across retail, healthcare, banking, fintech, foodtech, and manufacturing.
