Back to listing

Security Governance Engineer
Romania (Brasov, Iasi, Cluj-Napoca, Bucharest, Craiova, Timișoara)

Date posted: 16.02.2024

Job type: Full time

Romania (Brasov, Iasi, Cluj-Napoca, Bucharest, Craiova, Timișoara)

Remote work

Full time

Job perks: Agile environment; Security projects; Professional team;

About the project

How we hire:
At Pentalog, excellence is what you'll do. We're guided by a mission to positively impact the software development world.

Our Internal Security Department is looking for a Security Governance colleague, who will oversee, manage and implement actions to maintain and increase the Group's security level and ensure compliance with requirements and frameworks.

Being part of the department, you will collaborate with people from various areas including operational Security, Governance Security and SOC team profiles. You will report to the group's CSO, under the Security Team Leader’s guidance, while developing the activity of this service and continuously increasing the security level of our company.
 

Job requirements

  • At least 5 years of experience in a similar role;
  • Good understanding of basic security technologies and secure development good practices;
  • In-depth knowledge of security standards such as ISO 27001 and GDPR;
  • Good knowledge on risk analysis methodologies (EBIOS or EBIOS RM) or any others;
  • Experience in project management and strategic planning for successful security initiatives; 
  • Ability to work independently and as part of a team, and to communicate effectively with other departments within the company;
  • Ability to proactively solve problems and anticipate potential security issues;
  • Ability to federate the members of the company to carry out its projects in a timely and effective manner;
  • Basic knowledges on different areas of computer security:
    • Vulnerability /Patch management;
    • Cloud security;
    • Security hardening;
    • Understanding of OWASP ASVS.
  • Strong communication and training skills to ensure security awareness and training of employees and developers;
  • Fluency in English.
     

Responsibilities

Manage/Leading the following activities: 

  • Develop, maintain and review security policies and procedures to protect the company's data and IT systems and to ensure they match with our requirements;
  • Conduct security risk analysis to identify potential vulnerabilities and threats, risks and recommend mitigation measures;
  • Work on ISO 27001 certification by implementing the necessary policies and procedures to comply with security standards;
  • Driving security controls to make sure the company is applying the security policies;
  • Report key indicators to the leadership;
  • Take part in the implementation of the necessary security controls, in accordance with the CSO directives;
  • Perform GDPR assessment and ensure compliance by supporting implementation of the recommendations.

Support on these activities: 

  • Provide security advice and technical assistance to other departments (Legal, DPO) within the company;
  • Perform security controls on SOX;
  • Implementation of a DLP solution compliant with the data retention and classification policy requirements;
  • Implementation of a Business Continuity Management (BIA, BCP …);
  • Ensure security by design on internal projects related to SecOps and SOC activities;
  • Help with reviewing security contracts, answering security questions of clients and building efficient processes and frameworks.
     

Benefits

  • Healthcare benefits (Private Medical Insurance, various extra medical advantages);
  • A more active lifestyle with the help of our PentaSport activities;
  • French and English classes;
  • Free pass to learning platforms;
  • Meal vouchers;
  • Mentorship programs that encourage and enable your professional development;
  • Access to a technology roadmap;
  • Full support to upgrade yourself (conferences and certifications);
  • New-born maternity grant;
  • A front-row seat to PentaBARs – our after-work tech events with a twist.
     

About Pentalog

As a leading European Software Services company operating internationally in France, Romania, Germany, Moldova, UK, Vietnam, Mexico, Morocco and USA, we employ over 1,300 engineers and IT experts who work in a very dynamic, multicultural working environment.

At Pentalog, your talents & ambitions are recognized and rewarded; we offer plenty of opportunities to develop, both individually, as well as a professional, and we reward our collaborators who understand the importance of self-improvement.

Apply now

Super humans

Other jobs you might be interested in

IT Security and Governance Specialist (Microsoft 365)

Summary: Take an active role in the Security Governance service by leading projects and providing support for recurring governance security activities and other team initiatives.
Multiple locations
Full time
Remote work
Job perks: Continuous development; Security projects; Digital transformation projects;

Security Engineer

Summary: We have a new opportunity for a Security Engineer who wants to develop their career in a dynamic, multicultural environment where talent and ambition are recognized and rewarded.
Multiple locations
Full time
Remote work
Job perks: Continuous learning opportunities; Digital Transformation Projects

Security Engineer

Summary: A leading travel organization is in search of a Product & Member Security Engineer to boost the security measures of its web and mobile platforms. Become part of a diverse team eager to redefine limits.
Multiple locations
Full time
Remote work
Job perks: Agile environment; Top client; Multicultural environment
Do you want to check all jobs? Check all the jobs

Blog articles

Design Patterns

The Flyweight Chronicles: How to Make Your Code Weightless!

The Flyweight Design Pattern is a structural pattern used to minimize memory usage or computational expenses by sharing as much as possible with related objects. It is beneficial when many similar objects need to be created, and the overhead of creating and maintaining each object individually is too high. The key idea behind the Flyweight […]
Eduard Ghergu
by Eduard Ghergu
Software Architect

Design Patterns

Facade Design Pattern: Streamlining Complexity in Code

What is facade design pattern?   The Facade Design Pattern is a structural design pattern that provides a simplified interface to a set of interfaces in a subsystem (a library, a framework, or any other complex set of classes), making it easier to use. It involves creating a facade class that represents a higher-level, unified […]
Eduard Ghergu
by Eduard Ghergu
Software Architect

Tech Trends

Innovation in Practice: Navigating Through Proof of Concept, Prototypes, Pilots, and MVPs

1. Common Terms Understanding the “Lingo of Innovation”   Proof of Concept, Prototype, Pilot, MVP… sound familiar? These terms are often tossed around in innovation discussions, but do we really know what they mean? Here, we’ll unpack these buzzwords and set the record straight on their distinct roles in the innovation process.   2. Proof […]
Alexandru Hutanu
by Alexandru Hutanu
Engineering Manager