IT Security Officer [Orange Money]


The position in a nutshell:

  We are looking for an experienced, innovative and strategic IT Security Officer who will contribute to the success of Orange Money’s mission by maintaining the company’s Information Security Framework and underlying policies, procedures, standards and guidelines and becoming part of the security operational processes.

  Here's what you will have to do:

  • Write and update information security governance documentation;
  • Implement information security policies;
  • Manage security incidents;
  • Manage resource granting and revocation;
  • Support documenting and updating the business continuity plan;
  • Offer advice regarding security risks in business processes, third-party contracts, GDPR issues.

     

    Information Security Policies and Procedures

  • Drafting and updating documentation for information security governance;
  • Collaborating with Orange to align documentation and flows on security management;
  • Implementing an information security policy;
  • Monitoring the implementation of the information security policy;
  • Ensuring compliance with the information security policy;
  • Managing exceptions to information security policy;
  • Identifying security risks as part of the operational risk management process.

    Security incident management

  • Responds to security incidents;
  • Manages low-security incidents;
  • Collaborates as part of the incident response team to resolve high complexity security incidents;
  • Contributes to the preparation of post-incident documentation;
  • Proposes process improvements to mitigate the incidence of incidents.

  Managing the flow of granting and revoking access to resources

  • Involved in onboarding for new employees and conducts specific training;
  • Provides regular security awareness alerts to employees;
  • Planning, directing and coordinating requirements and measures to prevent unauthorized access, damage or interference to company assets and control of access to information.

Security of IT systems

  • Provides opinions on system architecture in terms of security;
  • Manages security tests (through penetration, code analysis, etc.);
  • Manages security issues and coordinates their resolution;
  • Coordinates the establishment of technical and non-technical security standards.

Business Continuity Plan

  • Manages security issues in a crisis situation;
  • Assists in drafting and updating the business continuity plan for security risks.

Relationships with third parties (including subcontractors and Orange entities)

  • Proposes contractual changes to manage security risks;
  • Manages the appendix for minimum security conditions for empowers in the processing of personal data;
  • Is the unique contact point in Orange Money for the relationship with Orange Romania; and the Orange Group in relation to the physical security procedures.

What are we looking for?

  • Minimum of five years’ experience in information security;
  • University degree;
  • Deep technical knowledge including security, data privacy, and compliance;
  • Knowledge of information security management methodologies;
  • Relevant certification (CISSP, CISM, CISA, ISO27001 Lead Implementer/Auditor);
  • Willingness to stay up to date with the latest technologies;
  • Proactivity and convincing skills: ability to clearly and transparently explain and justify your decisions;
  • Strong identification with the company’s strangely simple principles;
  • Good understanding of bank products;
  • Team spirit, open-minded, mutual aid, transparency ;
  • Ability to work independently and autonomously ;
  • Drive quality initiative.

Foreign languages:

  • English

What’s in it for you?

  • Get involved in challenging innovations and transformations initiatives of a dynamic high technology company;
  • Opportunity to work in a multicultural environment;
  • Open, friendly and respectful work atmosphere;
  • Opportunity to develop by training and practice personal business, technical & soft skills;
  • Special subscription for sports and recreational activities;
  • Medical plan subscription;
  • Life insurance;
  • Flexible working time;
  • Professional and private phone subscriptions;
  • Lunch tickets. 

 

Nedeterminat

Număr Post: BZAS917375

Localitate: Bucuresti

Dată limită: 06/06/2019

Printează