Ogólne informacje

Stanowisko
Junior Information Security
Wymiar czasu pracy
Pełny wymiar czasu pracy
Miasto
Bukareszt
Kraj
Rumunia
Dział
Enabling Services
Zespół
Information Technology
Obszar zainteresowania
IT - Services
Tryb pracy
Hybrydowy

Opis i wymagania

Who we are looking for
Our Information Security and Compliance team provides services for Deloitte CE practitioners in 40+ offices and across 18 countries on matters that have to do with information security management and compliance, cybersecurity risk management, and coordination of incident response activities.

As a Junior Security Specialist in our team, you will assist with Level 1 handling of requests from our practitioners regarding various information security compliance requirements and exceptions, as well as assisting Senior specialists with specific tasks. You will be reporting to a Senior member of the Deloitte CE CISO team

Requirements

· Fluency in spoken and written English (C1).
· Skills in Microsoft Office.
· Ability to use their initiative, manage high workload effectively and meet deadlines.
· Attention to detail and focus on quality whilst ensuring efficiency and maintaining a high work output.

Optional

· Any of the following certifications is a big differentiator: CISA, CISM, ISO 27001
· Experience working in a role handling information security
· Computer science graduate

Your future role
Responsibilities

· Reviewing exception requests based on our exception management procedure and acting upon approved scenarios or escalating to colleagues for approvals as defined in the process
· Conducting application security assessments based on our procedure and security requirements requesting and collecting information from business stakeholders and global services.
· Assisting senior colleagues with specific tasks requiring assessment of contractual requirements
· Participating in meetings along senior colleagues, maintaining minutes, and following up on proposed action plans with interested parties
· Monitoring DLP alerts and collecting additional information from business stakeholders and data owners to identify false positives or confirm DLP incidents and escalate to senior colleagues
· Follow-up and track actions defined in the Risk Treatment Plan, update status throughout the company and escalate delays or missed deadlines to senior colleagues within the team