Client Assurance & Third Parties IT Security Specialist

Romania - Bucharest - Edenred Digital Center

Edenred

Découvrez le groupe Edenred, la plateforme de service et de paiements qui accompagne au quotidien les acteurs du monde du travail dans 45 pays.

View all jobs at Edenred

Apply now Apply later

Take a step forward and let Edenred surprise you.

Every day, we deliver innovative solutions to improve the life of millions of people, connecting employees, companies, and merchants all around the world. 

We know there are hundred ways for you to grow. With us, you will expand your skills in a multicultural, challenging, and dynamic environment. 

Dare to join Edenred and get ready to thrive in a global company that will offer you endless opportunities.

Edenred is all about meritocracy. You come as you are, and you contribute. Indeed, the Edenred Group recognizes, recruits and develops all talents and singularities.

We are committed to preventing all forms of discrimination and to providing all our candidates with equal opportunities regardless of their gender and gender expression, disability, origin, religious belief and sexual orientation or any other criteria.

About EDENRED

Edenred is a pioneer, a tech leader, and the everyday companion for people at work across more than 45 countries.

Our 12,000 employees are committed to making the world of work a better place for all, one that is safer, more efficient and more user-friendly. At Edenred, our passion for customers, respect, imagination, simplicity and entrepreneurial spirit are our values. For anyone who needs to vibe in their professional life, we are the best place for you to work and grow.

The Edenred Digital Center (EDC) in Bucharest, Romania is Edenred Group's new Digital hub for strategic IT projects.

 

Context/role

The Benefits & Engagement, business line of Edenred, is looking for his/her new Client assurance & third parties IT Security specialist. This role involves assessing, managing, and mitigating risks associated with client data and third-party relationships while providing assurance to clients regarding the organization's security posture. The ideal candidate will have a strong understanding of cybersecurity principles, risk management, and compliance frameworks, aligned with our internal security controls.

You will cover multiple Business units (17) distributed in Europe.

You will be responsible of:

-        Assuring trust to our customers and partners regarding our level of securities (through questionnaires or direct exchange)

-        Ensuring the security and compliance of client engagements and third-party vendors

-        Inventorying, classifying and monitoring our 3rd parties

-        Supporting our legal and procurement teams regarding IT Security in contracts of our partners (3rd parties)

 

This position requires rigorous coordination skills to cover the full scope composed of several number of businesses and customers across multiple countries. It also requires communication skills to reassure & support our customers.

You will be in direct contact with the different CTOs, sales & legal teams distributed in our Business units.

You will be supported by Group teams which provide expertise on the different cyber security domains.

This is a great opportunity to work with experts from different locations, with different skills, and a shared commitment to deploy & strengthen the Whole group security

This position reports directly to the B&E Europe security leader.

 

 Position SCOPE & Key Responsibilities

»  Act as the primary point of contact for client security inquiries and assurance requests, ensuring alignment with our security controls

»  Answer customer requests regarding IT Security (Questionnaires, interview etc.)

»  Build trust with our customers & partners

»  Conduct security assessments and audits for client engagements, referencing relevant controls from our framework to ensure compliance with contractual obligations and industry standards

»  Provide certification and external audit support (e.g.: ISO2700X)

»  Collaborate with internal teams to address client-specific security requirements and concerns, ensuring adherence to our security policies

»  Develop and maintain a third-party risk management framework that aligns with our security controls to assess and monitor the security posture of vendors and partners.

»  Conduct security assessments of third-party vendors, utilizing our framework's controls to evaluate their security practices and risk levels

»  Ensure that security practices align with industry best practices and regulatory requirements, as well as our internal controls

»  Build a knowledge databases of customer questions & answers to enhance our response delays

»  Inventor and classify our most critical 3rd parties

»  Challenge contracts with our 3rd parties to include security clauses

»  Provide training and awareness programs for internal teams regarding client security requirements and third-party risk management, emphasizing our security controls

 

 Required skills & profile

         

»  Approximately 5+ years’ experience, including experience in similar function.

»  Technological background plus process exposure

»  Experience in IT security, risk management, or compliance, with a focus on client assurance and third-party security

»  Strong understanding of cybersecurity frameworks (e.g., NIST, ISO 27001, CIS) and regulatory requirements (e.g., GDPR, HIPAA)

»  Experience conducting security assessments and audits for clients and third-party vendors, with a focus on applying security controls

»  Fluent English level (mandatory)

»  Soft skills

»  Excellent communication and interpersonal skills, with the ability to present complex security concepts to non-technical stakeholders

o   Proactive

o   Pragmatic and solution-oriented

»  Agile spirit

»  Strong analytical and problem-solving skills

»  Experience in matrix and international IT organizations is a plus

»  Proficient in security assessment tools and methodologies

»  Previous consulting experience is a plus

»  Relevant certifications (e.g., CISSP, CISM, CISA, CRISC) are a plus

 

 VIBE WITH US

 

Joining us means:

»  Becoming part of a team that embraced the digitalization challenge and enjoys this transformation every day

»  Living our values every day: passions for customers, respect, imagination, simplicity, entrepreneurial spirit.

 

Because:

»  You will get exposure to various global cultures and teams

»  We offer you a very pleasant working environment, close to Bucharest city center

»  We also have for you: meal tickets, holiday vouchers, health subscription, flexible hours, work from home, flexible benefits system, on-the-job training & e-learning platforms.

And we do not stop here!

 

Apply now and Vibe with Us!

Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  0  0  0

Tags: Agile Audits CISA CISM CISSP Compliance CRISC GDPR HIPAA ISO 27000 ISO 27001 Monitoring NIST Risk management RMF Security assessment

Perks/benefits: Career development Flex hours Health care

Region: Europe
Country: Romania

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.