Title:  IT Risk & Security Management

About Chain IQ

Chain IQ is an Independent Global Indirect Procurement company providing strategic, tactical, and operational procurement services. Headquartered in Zurich, Switzerland Chain IQ operates from 6 main centers and 14 offices worldwide.

Our team of experts work to transform procurement within an organization utilizing our market knowledge and insights supported by innovative technology to drive procurement efficiencies. 

We apply the latest risk, sustainability, and social responsibility practices to strengthen procurement resilience. Chain IQ’s approach to ESG supports ethical operations, business standards and bio-diversity whilst minimizing environmental impact.

Join our Team

It is an exciting time at Chain IQ and our team in Bucharest are looking for an Expert in IT Risk & Security Management.

Chain IQ generate value far beyond cost reduction. We transform our client’s indirect procurement towards a world-class, resilient, ethical and digitalized end-to-end function. We promote a culture of collaboration and shared excellence while encouraging an open and honest exchange of ideas. We offer the potential for significant corporate growth and career development.

Our ambition is to strengthen the existing highly experienced team to provide the best in industry support to our growing client base.

Role Purpose

The primary purpose is to deliver value-add sourcing services to clients in a structured, professional and consistent manner.

Responsibilities

We are currently seeking an Expert to join the IT Risk & Security Management. The Expert needs to be a dynamic, highly client-focused individual with proven experience within IT Risk & Security Management.

The individual will have experience in working with the main suppliers in globally of Risk & Security Management.

Main responsibilities will include:

• Develop, manage, and maintain the ISMS
• Manage and maintain organization’s business continuity documentation
• Support the internal security governance framework appropriately address business needs
• Analyzing risks and conducting ongoing security assessments
• Manage the security internal controls framework
• Working with appropriate functions to address any risk/ gap identified
• Ensure monitoring of the progress of all actions agreed to be implemented to address any security risks and gaps
• Determine security violations and inefficiencies by conducting periodic audits
• Provide support for ensuring full compliance with internal & external requirements on risk, security, and data privacy.
• Close support for product development activities to ensure privacy & security by design principles are appropriately integrated within SLDC
• Recommend further development to keep the organization in line with security best practices.

Requirements

• Minimum of four to seven years of relevant experience in information security & risk management
• Experience in implementing & maintaining ISMS as per ISO 27k requirements & guidance, BCP/ DR
• Excellent understanding of IT & security controls
• Experience with managing & monitoring network security and networking technologies and with system, security, and network monitoring tools
• Thorough understanding of the latest security principles, techniques, and protocols
• Problem solving skills and ability to work under pressure
• BS degree in Computer Science or related field
• Familiarity with security frameworks (ISO, NIST, COBIT), industries best practices and GDPR
• Certifications such as CISA, CISSP, CGEIT CISM or ISO 27k desired
• Experience in implementing a Secure SDLC desired
• Excellent communication skills.

We proudly offer a first-class benefits package to all employees, so come and join Chain IQ and become part of an innovative, inspiring, and high-performing team of entrepreneurs, who are globally connected and locally anchored.

Please let us know if you require any assistance during the recruitment process so that we can work with you to meet your needs.

Furthermore, please be advised that if you submit an application to us for this position, your application and personal details will be processed in accordance with our Data Privacy Notice for Job Candidates.

Important notice to Employment Businesses/ Agencies:

CHAIN IQ does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact our CHAIN IQ recruitment team to obtain prior written authorisation before referring any candidates. In the absence of such written authorisation being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of CHAIN IQ. CHAIN IQ shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site