IT Risk Analyst
Romania , Bucharest
1 zi în urmă

Edenred is a leading digital platform for services and payments and the everyday companion for people at work, connecting over 50 million users and 2 million partner merchants in 46 countries via roughly 900,000 corporate clients.

Edenred offers specific-purpose payment solutions for food (such as meal benefits), incentives(such as gift cards, employee engagement platforms), mobility (such as multi-energy, maintenance, toll, parking and commuter solutions) and corporate payments (such as virtual cards).

True to the Group’s purpose, Enrich connections. For good. , these solutions enhance users’ well-being and purchasing power.

They improve companies’ attractiveness and efficiency, and vitalize the employment market and the local economy. They also foster access to healthier food, more environmentally friendly products and softer mobility.

Edenred’s 10,000 employees are committed to making the world of work a connected ecosystem that is safer, more efficient and more responsible every day.

In 2021, thanks to its global technology assets, the Group managed close to €30 billion in business volume, primarily carried out via mobile applications, online platforms and cards.

Edenred is listed on the Euronext Paris stock exchange and included in the following indices : CACNext 20, CAC Large 60, Euronext 100, FTSE4Good and MSCI Europe.

The Edenred Digital Center (EDC) in Bucharest, Romania is Edenred Group's largest Digital hub for strategic tech projects.

As part of the company’s digital transformation, Edenred has launched a major program to improve its security practices.

The IT Security Risk Analyst will :

  • Leading the IT Security Risk analysis practice within Edenred
  • Improve the IT Security risk methodology, in line with practices set by IT Compliance, and considering new ways of working (DevOPS)
  • Improve the integration of security in projects process, including ways to improve autonomy, culture and awareness within the company to enforce better security by design
  • Promote the methodology in Edenred BUs and train local security actors
  • Perform and drive risk analysis on Edenred’s critical project, including :
  • Understanding the security needs and feared events in relation with business
  • Analyzing technical solutions put forward by IT projects, with the support of experts from the security team for highly technical topics
  • Finding potential vulnerabilities
  • Assessing and prioritizing risks
  • Suggest measures, based on what the organization can provide
  • Present and explain the risks and measures recommendations to project teams, architecture and business
  • Consolidate and integrate risk analysis results in a GRC tool to contribute building an IT Risk Cartography
  • Help building the understanding of the security needs of the different business functions
  • Report on key compliance and operational metrics
  • Experience

  • Degree / Diploma in Computer-related discipline, or equivalent work experience. Degree / Diploma in a risk-related discipline is also acceptable if technical understanding of IT is demonstrated
  • 3 5 years of hands-on experience in IT security or relevant experience.
  • Proven experience on performing risk analysis, conducting business interviews, integrating security in projects
  • Knowledge and Skills

  • Knowledge and understanding of security frameworks and methodologies for controls, compliance and auditing ISO 27005 & ISO 27001 are mandatory;
  • NIST, PCI-DSS, OWASP are a plus

  • ISO 27005 certification is a plus, other related industry certifications such as ISO 27001, CEH, CISSP, CSSLP, GSSP-.NET, GSSP-Java, GWEB, GWAPT, OSCP, CREST as well.
  • Fluent in English
  • Professional

  • Proven skills in performing IT Security risk analysis, following set methodologies
  • Understanding of threat modelling approaches to identify weak points in systems and applications
  • Understanding of technical topics related to cybersecurity
  • General understanding of IT and architecture
  • Good understanding of GDPR and legal frameworks applicable within the EU
  • Personal

  • Ability to communicate and work in a transversal manner with both business and technical actors
  • Capacity to explain security findings, risks and recommendation is a clear, concise manner, to make it accessible to people outside of IT functions
  • Ability to understand business processes
  • Demonstrated critical thinking, situational analysis and problem-solving skills and mindset.
  • Good inter-personnel skill, highly self-motivated, autodidact and willing to do more.
  • Joining us means :

    Taking part in an ambitious corporate project

    Becoming part of a team that embraced the digitalization challenge and enjoys this transformation every day

    Living our values every day : passions for customers, respect, imagination, simplicity, entrepreneurial spirit.

    Because :

    You will greatly contribute to build the project that will improve the customers’ experience on an international level

    You will get exposure to various global cultures and teams

    You will be working with the newest technologies to build a new platform from scratch

    We offer you a very pleasant working environment, in the heart of Bucharest

    We also have for you : meal tickets, holiday vouchers, health subscription, flexible hours, work from home, flexible benefits system, on-the-job training & e-learning platforms.

    And we do not stop here!

    Raportați această lucrare

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Email-ul meu
    Făcând clic pe "Continuă", acord nevoo consimțământ de a procesa datele mele și de a-mi trimite alerte prin e-mail, așa cum este detaliat în policyApplicația de confidențialitate a lui neuvoo. Pot să-mi retrag consimțământul sau să mă dezabonez în orice moment.