Information Security Expert
Description:
Take a step forward and let Edenred surprise you.
Every day, we deliver innovative solutions to improve the life of millions of people, connecting employees, companies, and merchants all around the world.
We know there are hundred ways for you to grow. With us, you will expand your skills in a multicultural, challenging, and dynamic environment.
Dare to join Edenred and get ready to thrive in a global company that will offer you endless opportunities.
Edenred is all about meritocracy. You come as you are, and you contribute. Indeed, the Edenred Group recognizes, recruits and develops all talents and singularities.
We are committed to preventing all forms of discrimination and to providing all our candidates with equal opportunities regardless of their gender and gender expression, disability, origin, religious belief and sexual orientation or any other criteria.
ABOUT EDENRED
Edenred is a pioneer, a tech leader, and the everyday companion for people at work across more than 46 countries.
Our 10,000 employees are committed to making the world of work a better place for all, one that is safer, more efficient, and more user-friendly. At Edenred, our passion for customers, respect, imagination, simplicity, and entrepreneurial spirit are our values. For anyone who needs to vibe in their professional life, we are the best place for you to work and grow.
The Edenred Digital Center (EDC) in Bucharest, Romania is Edenred Group's largest Digital hub for strategic Tech projects.
Context/ ROLE
Edenred is implementing a worldwide strategy to improve IT security & compliance and protect the business. This strategy is sustained by 4 major pillars.
1. PEOPLE - Anchor cyberculture in the company with best practices, awareness, training
2. RULES - Enforce IT security policies applicable to the whole Group
3. DELIVERY - Implement global IT security projects & services to improve the security level
4. PERFORMANCE - Develop a culture of control & performance to assess the improvements
We are looking for an Information Security Expert, to be a member of the Global Security Team.
n SCOPE & Key Responsibilities
Reporting to EMEA Information Security Leader the IT Security Governance Expert will support the EMEA zone of Mobility Business Line to improve governance, quality and accelerate delivery.
She/He will be an essential support in the region to improve the IT Security and Resilience of the BUs according to our roadmap and strategy: identify, protect & comply, detect, respond, recover, and train.
This position is an opportunity for she/he to work on strategic applications and projects with many experimented and involved business and IT stakeholders. It will be key to demonstrate project management skills, have a clear understanding of the topics and propose organizational and/or technical solutions to reach the objectives.
What you will do…
Roll out the Security Program at Business Line level, including:
Security Committees & KPIs: preparation & collection of information and of deliverables
Maturity: roadmap implementation of security control framework in the Business Units
Manage Security Awareness process.
IAM: deploy process/tool, add automation to access reviews.
SCA/MFA: Coordinate the SCA/MFA implementation.
PAM: Coordinate the implementation of PAM solution.
Act as the primary point of contact for client security inquiries and assurance requests, ensuring alignment with our security controls
Develop and maintain a third-party risk management framework that aligns with our security controls to assess and monitor the security posture of vendors and partners.
Coordinate the IT & Security resilience process supporting BU to build, perform/maintain Group IT & security resilience controls.
Update BIA definition and plan IT DRP implementation & exercises
Perform Cyber security incident response tabletop exercises.
Managing cyber security incident in close collaboration with business, technology, legal stakeholders, and CIRT
Ensure secure development process lifecycle for business top products and applications.
Security by Design applied for the new business-critical products/applications using Agile methodology and integrating into CI/CD.
Key Stakeholders:
The Information Security Leader will mainly interact with internal stakeholders:
At BU level
IT Leaders (CTOs)
IT Application Owners & Business Analysts
IT Security, Architecture & Infrastructure Leaders
Data Protection Correspondent (DPC)
Human Resources, Legal and Business teams
At region/zone, business line and global level
Zone IT Security Leader (N+1)
IT Security Center of Expertise (AppSec, IAM, IT Compliance & Resilience, Cyber-Program, Security Operations)
Other Global functions in Global Technology (architecture and infrastructure)
Experience
Significant experience within the Information Security field (5+ years)
Contract type
Permanent contract, full time, including regular business trips to the BUs.
collaborative atmosphere
Knowledge and skills
Soft skills:
Pragmatic and solution oriented
Result and performance oriented with a can-do attitude and be able to persuade/ influence others in the organization.
Clear concise reporting, outlining key points
Work independently with agreed remit and autonomy
Passionate about functional and technical subjects with a proven and successful experience in deploying projects, in conjunction with international IT and business leaders
Manage several requests and parallel work streams
Language – fluent in English both written and spoken.
Hard skills:
A significant experience in the following domain is essential: IT & Cyber security Resilience operations (incl. BIA, DRP, BCP)
Experience in at least two of the following domains is expected: Identity & Access Management (IAM), IT security incident response, cloud security, vulnerability management.
A good knowledge of cyber risk frameworks (e.g., NIST, ISO 27001, CIS) ) and regulatory requirements (e.g., GDPR, HIPAA), secure development best practices or payment solutions security will be appreciated.
Nice to have:
You possess a certificate in risk/security (CISA, CISM or CISSP) or equivalent.
VIBE WITH US
Joining us means:
Taking part in an ambitious corporate project
Becoming part of a team that embraced the digitalization challenge and enjoys this transformation every day
Living our values every day: passions for customers, respect, imagination, simplicity, entrepreneurial spirit.
Because:
You will greatly contribute to build the project that will improve the customers’ experience on an international level
You will get exposure to various global cultures and teams
You will be working with the newest technologies to build new platforms
We offer you a very pleasant working environment, in the heart of Bucharest
We also have for you: meal tickets, holiday vouchers, health subscription, flexible hours, work from home, flexible benefits system, on-the-job training & e-learning platforms.
And we do not stop here!
Other details
Expected start date: Early Q4 2025
Location: Bucharest, Romania
Apply now and Vibe with Us!
JR017369