Security Manager

About our team

BCR is the place where you learn, grow, and contribute to shaping the future of banking. We are recognized as a school of excellence in banking, a top employer in the banking sector, and a team open to learning, where every colleague feels noticed and valued.

We are an organization that values people and supports them in having a life that brings fulfillment, security, and balance.

How you will contribute

• Monitor the annual plan for conducting external penetration tests, ensure the relationship with service providers and reconciliation of penetration reports, including granting access to the applications;
• Analyze the reports and escalated them to dedicated remediation teams;
• Evaluate the security risks associated with the outsourced activities with the IT component from the perspective of internal regulations and applicable laws (NIS, NBR regulations, ASF regulations, etc.);
• Evaluate the execution / testing of action plans in case of security incidents;
• In case of IT security incidents, perform a first validation and classification thereof, identifying corrective measures to be implemented by IT colleagues and escalating complex incidents to senior IT security analysts, collaborating with other internal or external security teams and reporting these incidents;
• Protect data and information processed and stored in cloud by recommending appropriate security solutions;
• Vulnerability management activities in terms of vulnerability scanning (including cyber threat intelligence aspects) and monitoring remediation performed by IT colleagues, risk analysis and support IT teams in remediation process;
• Establish rules to be set for security tools (and participate in the implementation project thereof) and for onboarding of new assets to SIEM;
• Address queries from IT or business colleagues in terms of security, including phishing, access to certain resources or assets, etc.
• Educate the business and IT colleagues about security threats and implement threat protection measures at project and Bank level.

What will help you be successful

• +4 years of experience in IT security, IT operations/infrastructure or IT audit; experience in financial services is a plus;
• Good knowledge regarding the IT infrastructure operations within the medium and large level corporations;
• Legislative knowledge specific to the field of information security;
• Knowledge about the non-functional aspects of IT Architectures (Performance, resilience, availability, security, etc.);
• Administration of networks at CCNA level is a plus;
• Knowledge of security services installed in the cloud: Azure, AWS, GCP or experience in security of mobile applications is a plus;
• Knowledge of RESTful APIs, Single Sign On, LDAP, Search Technologies is a plus;
• Understanding of service oriented architectures especially of REST API type is a plus;
• CIA oriented mindset.

Sounds like you'd be a good fit? Well, check out what we provide for our passionate people

• Monthly budget for flexible benefits through the Benefit Online platform;
• 13th month salary;
• Performance-based bonus;
• Banking facilities, benefits for private pension and discounts on insurance policies;
• Gifts for special occasions;
• Vacation allowance;
• Private medical services for you and your family;
• Hybrid and flexible work schedule;
• 1 month / per year of remote work from abroad (UE);
• Up to 27 vacation days depending on your professional experience;
• Extra 7 days off per year if you have used up your vacation days;
• One day off for your birthday;
• Wellbeing, personal and professional development programs, and platforms that allow you to learn anytime, anywhere, and from any device;
• Subscription to Bookster.