Edenred is a leading digital platform for services and payments and the everyday companion for people at work, connecting over 50 million users and 2 million partner merchants in 46 countries via roughly 900,000 corporate clients.
Edenred offers specific-purpose payment solutions for food (such as meal benefits), incentives(such as gift cards, employee engagement platforms), mobility (such as multi-energy, maintenance, toll, parking and commuter solutions) and corporate payments (such as virtual cards).
True to the Group’s purpose, Enrich connections. For good. , these solutions enhance users’ well-being and purchasing power.
They improve companies’ attractiveness and efficiency, and vitalize the employment market and the local economy. They also foster access to healthier food, more environmentally friendly products and softer mobility.
Edenred’s 10,000 employees are committed to making the world of work a connected ecosystem that is safer, more efficient and more responsible every day.
In 2021, thanks to its global technology assets, the Group managed close to €30 billion in business volume, primarily carried out via mobile applications, online platforms and cards.
Edenred is listed on the Euronext Paris stock exchange and included in the following indices : CACNext 20, CAC Large 60, Euronext 100, FTSE4Good and MSCI Europe.
The Edenred Digital Center (EDC) in Bucharest, Romania is Edenred Group's largest Digital hub for strategic tech projects.
As part of the company’s digital transformation, Edenred has launched a major program to improve its security practices.
The IT Security Risk Analyst will :
Leading the IT Security Risk analysis practice within Edenred
Improve the IT Security risk methodology, in line with practices set by IT Compliance, and considering new ways of working (DevOPS)
Improve the integration of security in projects process, including ways to improve autonomy, culture and awareness within the company to enforce better security by design
Promote the methodology in Edenred BUs and train local security actors
Perform and drive risk analysis on Edenred’s critical project, including :
Understanding the security needs and feared events in relation with business
Analyzing technical solutions put forward by IT projects, with the support of experts from the security team for highly technical topics
Finding potential vulnerabilities
Assessing and prioritizing risks
Suggest measures, based on what the organization can provide
Present and explain the risks and measures recommendations to project teams, architecture and business
Consolidate and integrate risk analysis results in a GRC tool to contribute building an IT Risk Cartography
Help building the understanding of the security needs of the different business functions
Report on key compliance and operational metrics
Experience
Degree / Diploma in Computer-related discipline, or equivalent work experience. Degree / Diploma in a risk-related discipline is also acceptable if technical understanding of IT is demonstrated
3 5 years of hands-on experience in IT security or relevant experience.
Proven experience on performing risk analysis, conducting business interviews, integrating security in projects
Knowledge and Skills
Knowledge and understanding of security frameworks and methodologies for controls, compliance and auditing ISO 27005 & ISO 27001 are mandatory;
NIST, PCI-DSS, OWASP are a plus
ISO 27005 certification is a plus, other related industry certifications such as ISO 27001, CEH, CISSP, CSSLP, GSSP-.NET, GSSP-Java, GWEB, GWAPT, OSCP, CREST as well.
Fluent in English
Professional
Proven skills in performing IT Security risk analysis, following set methodologies
Understanding of threat modelling approaches to identify weak points in systems and applications
Understanding of technical topics related to cybersecurity
General understanding of IT and architecture
Good understanding of GDPR and legal frameworks applicable within the EU
Personal
Ability to communicate and work in a transversal manner with both business and technical actors
Capacity to explain security findings, risks and recommendation is a clear, concise manner, to make it accessible to people outside of IT functions
Ability to understand business processes
Demonstrated critical thinking, situational analysis and problem-solving skills and mindset.
Good inter-personnel skill, highly self-motivated, autodidact and willing to do more.
Joining us means :
Taking part in an ambitious corporate project
Becoming part of a team that embraced the digitalization challenge and enjoys this transformation every day
Living our values every day : passions for customers, respect, imagination, simplicity, entrepreneurial spirit.
Because :
You will greatly contribute to build the project that will improve the customers’ experience on an international level
You will get exposure to various global cultures and teams
You will be working with the newest technologies to build a new platform from scratch
We offer you a very pleasant working environment, in the heart of Bucharest
We also have for you : meal tickets, holiday vouchers, health subscription, flexible hours, work from home, flexible benefits system, on-the-job training & e-learning platforms.
And we do not stop here!
