IT Security Manager
What will help you be successful
- +4 years of experience in IT security (at least 2 years in financial-banking institutions);
- Good knowledge regarding the management of the IT infrastructure within the medium and large level corporations;
- Legislative knowledge specific to the field of information security;
- Knowledge about the non-functional aspects of IT Architectures (Performance, resilience, availability, security, etc.);
- Administration of networks at CCNA level;
- Experience in security of services installed in the cloud: Azure, AWS, etc. or experience in security of mobile applications;
- Knowledge of at least 2 of: Kubernetes, Java, Node.js, Golang, Python;
- Knowledge of RESTful APIs, Single Sign On, LDAP, Search Technologies;
- Knowledge of: Linux, Maven / Gradle, NPM, Jenkins / Circle CI;
- Preferably knowledge about Spring Boot, Ansible, Shell, OpenShift, GIT Lab;
- Understanding of service oriented architectures especially of REST API type;
About Our Team
We are more than 5000 people at BCR and each and every one of us is different. We like to believe that our diversity of ideas, attitudes, passions, feelings and origins make our culture more beautiful and our jobs more meaningful.
How You Will Contribute
- Proactively identify security issues and potential threats, ensuring awareness of the latest threats, and continuously building processes and design systems to watch for and protect against them;
- Educate the business and IT colleagues about security threats and implement threat protection measures at project and Bank level;
- Define and propose policies, procedures and internal / local regulations specific to IT security regarding the realization / administration / use of processes and IT resources that ensure information security in accordance with Group policies and with the legislation in force;
- Define and supervise the implementation of technological security requirements for the IT infrastructure;
- Evaluate the execution / testing of action plans in case of security incidents;
- Participate in investigations and report to the higher hierarchical level their result regarding the theft of information, destruction, modification and other aspects regarding the access and unauthorized use of IT resources;
- Evaluate the security risks and test the changes within the IT infrastructure or systems proposed through the Change Management process or results from operational software maintenance and updating activities;
- Challenge the assessment of risks associated with new products, business initiatives and material project change and ensure adequate 1st line deployment of appropriate controls to mitigate risks.
- Guide and drive security initiatives through scheduled, daily, weekly, monthly and quarterly sessions.
- Define the risk management framework, maintain risk register, risk treatment plans, regularly reporting to the risk and InfoSec committee
- Ensuring access controls are set to appropriate levels across the various departments liaising with function Heads.
- Propose for approval and monitor the implementation of projects and processes aimed at detecting, identifying and analyzing IT security events / threats on BCR's IT infrastructure.
- The opportunity to develop yourself in one of the most important banking institutions from Central and Eastern Europe;
- Flexible working schedule and work from home policy;
- Accessible & modern head offices in Grozavesti Area (For the time being, due to Covid-19 situation, most of us work from home);
- Private medical insurance;
- Up to 27 vacation days depending on your years of experience;
- Days off for unexpected events;
- Free day on your birthday;
- Banking and private pension benefits.
Your personal data is processed by BCR according with the provisions of the General Data Protection Regulation. We perform data processing activities necessary for the conclusion of the employment contract on the legal obligation and legitimate interest. The recruitment process does not involve automated profiling or decision-making processes.
You have the following rights: right to be informed, right of access, right to rectification, right to erasure, right to restrict processing, right to data portability, right to object, not being subject of an automated individual decision and to appeal to ANSPDCP or the competent courts, in case you consider it necessary. For more details please access https://www.bcr.ro/ro/cariere/informare-candidati.
Banca Comerciala Romana (BCR), member of Erste Group, is the most important Romanian financial group, providing universal bank services, leasing, private pensions, investment funds, savings and credits for housing, through our branches and corporate centers.
BCR aims to contribute to foster prosperity for Romania, by supporting everyone’s chances for a better life and encouraging our clients to trust themselves and their capacity to reach their potential. In this respect, BCR constantly invests in secure and easy access to banking services, banking for everybody, long-term financial counseling and products which comply with every customer’s potential.
BCR has created the biggest and most consistent financial education program in Romania, “The Money School”, with classes for adults and teenagers, a financial education mobile exposition for children and a digital platform, all these being possible thanks to over 1,000 financial education teachers, BCR employees.