Cybersecurity Risk Analyst and Security Compliance Specialist
This role involves analyzing and validating security exception requests, monitoring security levels, and managing IT operational risks. The candidate will support security standards implementation, risk assessments, and audit follow-ups for various IT assets. The position focuses on enhancing security posture within a digitally innovative environment at easydo digital technologies.
Job Description
Company Description
Empowering our Clients with People-Driven Digital Innovation Across Europe
We are a Group managing digital IT services and solutions, driven by people, innovation, agility, and deep industry insight. We are working with the largest private and public institutions to deliver IT services and solutions.
As an entrepreneurial digital services group and a human-sized tech company, we are built by passionate experts and led by seasoned leaders in IT and digital transformation.
Responsibilities:
- Analyze and validate security exception requests such as route openings, non-standard software installations, etc.
- Accompany the IT teams in the implementation of Group security standards for their new/existing applications/infrastructure
- Monitor the security level of assets
- Follow up on audit results of applications, third parties (partners, delegated entities, suppliers, etc.) and physical sites, carried out by another department or by the department itself, relating to the integration of vulnerabilities identified in risk analyses and the monitoring of associated remediation action plans
- Security support for business projects using risk analysis by identifying business issues, security requirements, associated action plans, and assessing intrinsic and residual risks for internal and third-party projects
- Managing IT operational risks (IT risks)
- Maintaining and updating the referential
- Development and maintenance of dashboards to monitor the progress of initiatives.
- Security files (and intermediate deliverables such as safety classification, expression of project safety needs, residual risk assessment for business managers)
- Security risk analysis and, if required, risk acceptance forms
- Reporting elements, dashboards of security and risk indicators
- Managerial presentations (for IT and business) on the projects
Profile:
- Advanced knowledge of risk analysis methodologies and security key topics (classification, AICT assessment, intrinsic/residual risks, risk scenarios)
- General knowledge of standards (ISO 2700x, ITIL, COBIT, etc.) and security governance principles.
- Knowledge of security best practices in the field of IT systems management (authorizations, data anonymization, incident management, authentication, backup, archiving, security patch management, antivirus updates, network partitioning, NAC, Wi-Fi, etc.)
- Knowledge of security tool administration principles: firewalls, proxies, SIEM, DLP, IDS, IPS, vulnerability scanners like Qualys, IAM systems
To a lesser extent:
- Knowledge/experience in security architecture areas
- Security monitoring / understanding and knowledge of the main security threats (viruses, cybercrime, APT) and their distribution methods.
- Possibly, experience of IT security audit missions
- Security certifications (CISSP, ISO 27001, ISO 27005, NIST etc.)
We offer:
Competitive salary and the opportunity to have a meaningful job where you can make a difference.
The chance to continuously evolve as a professional.
Medical insurance & Meal tickets.
CIM/B2B
Full Remote!
cristina.voicu@easydo.co