Senior Information Security Analyst

Our promise:

• We support your career growth through continuous learning, coaching, and mentorship programs;
• You choose how you'll work with us: remote first or at our offices in Timpuri Noi Square (Bucharest) or Brasov;
• We promise you a feedback-driven culture that inspires healthy communication;
• A friendly, professional, and supportive team is waiting for his new teammate;
• A bunch of people with common hobbies and interests (sailing, football, running marathons, tennis, music, etc.) is ready to welcome you;
• A community driven by courage and creativity (we have our own beer and our own band that sings about us) is challenging you to have serious fun with us;
• We designed benefits that give you the power to create balance in life, on and off work.
  
  

As a Senior Information Security Analyst, you will:

• Lead Security Operations & Incident Response: Monitor systems and networks to detect security events. Investigate incidents thoroughly, perform root cause analysis, assess impact, and coordinate timely response and recovery actions. Define and implement robust incident response plans and continuously improve them through lessons learned.
• Drive Vulnerability Management & Risk Assessments: Manage vulnerability scanning efforts, prioritize remediation based on impact, and conduct risk assessments to evaluate security exposure. Propose and track mitigation strategies in alignment with organizational risk appetite.
• Ensure Security Compliance & Governance: Maintain compliance with standards like ISO 27001, GDPR, NIST and PCI-DSS. Lead internal and external audits, prepare documentation, and support evidence gathering. Develop and maintain policies, procedures, and security standards.
• Promote Security Awareness: Design and deliver engaging security awareness programs. Act as a trusted advisor across departments, providing guidance and promoting a strong security culture throughout the organization.
• Manage Security Tools & Technologies: Administer and enhance core security infrastructure, including SIEM, IDS/IPS, EDR, and firewalls. Evaluate and implement new tools to improve detection, response, and overall posture. Tune and optimize configurations to ensure proactive threat prevention.
• Collaborate and Mentor: Work closely with cross-functional teams to align security efforts with business needs. Act as a mentor for junior team members, sharing best practices and fostering continuous improvement through knowledge-sharing initiatives.
• Document & Share Knowledge: Maintain clear and thorough documentation of processes, configurations, incident reports, and technical decisions. Lead internal sessions to share expertise and uplift the entire team’s skill set.

What about you?

•  You bring at least 5 years of hands-on experience in information security, with a strong background in security operations, risk management, and compliance.
• In-depth knowledge of regulatory requirements and industry standards relevant to information security, including ISO 27001, GDPR, NIST, and PCI-DSS.
• Solid knowledge of networking, encryption, protocols, and modern cybersecurity practices.
• Experience using and managing tools like SIEM, EDR, IDS/IPS, vulnerability scanners, and firewalls.
• Proven ability to analyze complex systems, assess security gaps, and implement effective protective measures.
• Comfortable working across cloud (AWS, Azure, GCP) and on-prem environments.
• Excellent communication and collaboration skills.
• Confident in working with diverse teams and stakeholders.
• Capable of translating technical risks into business language.

Nice to have:

• CompTIA Security+.
• Cisco Certified Network Associate (CCNA – Security or general).
• Microsoft Security Operations Analyst.
• Other relevant certifications like ISO 27001 Implementer, CISSP, or CISM are a plus.

Our process starts here. What should you expect?

✨ A get-to-know-HR Discussion with your recruiter;

✨ A final discussion with the technical team.