Take a step forward and let Edenred surprise you.Every day, we deliver innovative solutions to improve the life of millions of people, connecting employees, companies, and merchants all around the world. We know there are hundred ways for you to grow. With us, you will expand your skills in a multicultural, challenging, and dynamic environment. Dare to join Edenred and get ready to thrive in a global company that will offer you endless opportunities.Edenred is all about meritocracy. You come as you are, and you contribute. Indeed, the Edenred Group recognizes, recruits and develops all talents and singularities.We are committed to preventing all forms of discrimination and to providing all our candidates with equal opportunities regardless of their gender and gender expression, disability, origin, religious belief and sexual orientation or any other criteria.The Edenred Digital Center (EDC) in Bucharest, Romania is Edenred Group's largest Digital hub for strategic Tech projects.Context/ ROLEEdenred is implementing a worldwide strategy to improve IT security & compliance and protect the business. This strategy is sustained by 4 major pillars.1. PEOPLE - Anchor cyberculture in the company with best practices, awareness, training;2. RULES - Enforce IT security policies applicable to the whole Group;3. DELIVERY - Implement global IT security projects & services to improve the security level;4. PERFORMANCE - Develop a culture of control & performance to assess the improvements.We are looking for an Information Security Expert, to be a member of the Global Security Team.SCOPE & Key ResponsibilitiesReporting to EMEA Information Security Leader the SUMMIT (UTA Business Unit) Information Security & Compliance Expert will support the implementing strong security practices into Product Development Lifecycle and to improve governance, quality and accelerate delivery. She/He will be an essential support in the region to improve the IT Security and Resilience of the BUs according to our roadmap and strategy: identify, protect & comply, detect, respond, recover, and train.This position is an opportunity for she/he to work on strategic applications and projects with many experimented and involved business and IT stakeholders. It will be key to demonstrate project management skills, have a clear understanding of the topics and propose organizational and/or technical solutions to reach the objectives.You will be responsible of:Roll out the Security Program at Business Line level, including:Security Committees & KPIs: preparation & collection of information and of deliverablesMaturity: roadmap implementation of security control framework in the Business UnitsManage Security Awareness process.IAM: deploy process/tool, add automation to access reviews.SCA/MFA: Coordinate the SCA/MFA implementation.PAM: Coordinate the implementation of PAM solution.Cloud Security: Ensure security support for cloud migration processCoordinate the IT & Security resilience process supporting BU to build, perform/maintain Group IT & security resilience controls.Update BIA definition and plan IT DRP implementation & exercisesPerform Cyber security incident response tabletop exercisesManaging cyber security incident in close collaboration with business, technology, legal stakeholders, and CIRTEnsure secure development process lifecycle for business top products and applications.Security by Design applied for the new business-critical products/applications using Agile methodology and integrating into CI/CD.Key Stakeholders:The Information Security Expert will be reporting: ohard line to the EMEA CISO - Mobility Business Lineodotted line to SUMMIT/UTA CTOKnowledge and SKILLSThe successful candidate will be an information security professional passionate by functional and technical subjects and with a proven and successful experience in implementing security by design in large projects in conjunction with IT and business leaders. He/she will be result and performance oriented with a can-do attitude and be able to persuade/influence others in the organization. The ability to engage various stakeholders with passion and conviction to persuade others that security is paramount and not just an option. The good candidate will be able to share, explain and stand for security requirements, while also understand and protecting business/product requirements (e.g. UX). ·5+ years’ experience in cybersecurity ·An experience is expected in security by design in large project. ·Proficiency in the use or knowledge of: IT risk analysis methodologies, threat modelling or analysis IT security design, architecture, standards, and best practices Web applications security, cloud security and secure coding Definition, implementation, and follow-up of security measures & remediation plan​·The ideal candidate is demonstrating: Strong communication skills: he/she adapts own approach to the audience, anticipating issues, preparing for possible resistance to proposed solutions and responding in an appropriate style to reach a mutual agreement. Robust technical skills: he/she can address technical topics with the IT specialists (architecture, infrastructure, developer, …) as deeper as needed to achieve the objectives and solve difficulties. Agility and team spirit: he/she accepts input from a wide range of perspectives (business, legal, HR, IT, etc.) in a local and international context. Works closely with various stakeholders and is available for them to reach common objectives. Proactive: he/she takes initiative and proactively engages with the local team Good understanding of current and emerging technologies supporting digital businesses: APIs, Cloud, loosely coupled architecture, DevOps… Language: fluent in English both written and spoken.Education: Batchelor degree in Information Technologies or similar; a specialization in IT Security will be a plusYou possess a certificate in risk/security (CISA, CISM or CISSP) or equivalent.VIBE WITH USJoining us means:Taking part in an ambitious corporate projectBecoming part of a team that embraced the digitalization challenge and enjoys this transformation every dayLiving our values every day: passions for customers, respect, imagination, simplicity, entrepreneurial spirit.Because:You will greatly contribute to build the project that will improve the customers’ experience on an international levelYou will get exposure to various global cultures and teamsYou will be working with the newest technologies to build new platformsWe offer you a very pleasant working environment, in the heart of BucharestWe also have for you: meal tickets, holiday vouchers, health subscription, flexible hours, work from home, flexible benefits system, on-the-job training & e-learning platforms. And we do not stop here!