Title: IT Risk & Security
Bucharest, RO
At Chain IQ, your ideas move fast.
Chain IQ is a global AI-driven Procurement Service Partner, headquartered in Baar, Switzerland, with operations across main centers and 16 offices worldwide. We provide tailored, end-to-end procurement solutions that enable transformation, drive scalability, and deliver substantial reductions in our clients' indirect spend. Our culture is built on innovation, entrepreneurship, ownership, and impact. Here, your voice matters - bold thinking is encouraged, and action follows ambition.
Join our Team
It is an exciting time at Chain IQ and our team in Bucharest are looking for a Senior IT Risk and Security Analyst.
Chain IQ generates value far beyond cost reduction. We transform our clients’ indirect procurement towards a world-class, resilient, ethical and digitalized end-to-end function. We promote a culture of collaboration and shared excellence while encouraging an open and honest exchange of ideas. We offer the potential for significant corporate growth and career development.
Our ambition is to strengthen the existing highly experienced team to provide the best in industry support to our growing client base.
Role Purpose
The primary purpose is to deliver value-add sourcing services to clients in a structured, professional and consistent manner.
The role will monitor, detect, analyze, and respond to cybersecurity threats and incidents, ensuring the protection of organizational assets, data, and systems.
Additionally, you will contribute to the continuous evolution of Security Operations by enhancing detection capabilities, supporting automation, and strengthening alignment with enterprise risk, compliance (e.g., SOC2, ISO27001), and incident response frameworks within a Three Lines of Defense (3LoD) model.
Responsibilities
We are currently seeking a Senior Level Analyst to join the IT Risk and Security team. The role requires a dynamic, highly client-focused individual with proven experience within the IT Security field.
We are currently seeking a Security Analyst (Senior-Level) to join the Cyber Security Operations Team (1st Line of Defense). The Security Analyst needs to be a dynamic, highly client-focused individual with proven experience within Security Operations, Threat Detection, and Incident Response.
Main responsibilities will include:
- Monitor and analyze security alerts across enterprise platforms (SIEM, EDR, identity, cloud, and AI-driven security tools)
- Perform advanced triage and investigation of security incidents, including phishing, endpoint threats, identity compromise, and cloud-based attacks
- Support detection and response capabilities related to AI platforms, Copilot-type services, and agentic systems, including misuse, data leakage, and abnormal behavior patterns
- Lead or support incident response activities, ensuring effective containment, eradication, and recovery
- Conduct root cause analysis and contribute to post-incident reviews to strengthen controls and processes
- Correlate signals across endpoint, identity, email, cloud, and AI interaction layers to identify complex and multi-stage attack patterns
- Develop and tune detection rules and use cases, including those related to AI usage, prompt injection risks, and data exposure scenarios
- Support threat hunting activities, including emerging threats targeting cloud and AI-enabled environments
- Collaborate with IT, cloud, data, and AI platform teams to securely enable new technologies and reduce risk exposure
- Contribute to SOC transformation initiatives, including automation, orchestration, and AI-assisted security operations
- Maintain high-quality documentation and audit-ready evidence aligned with SOC2 and internal control expectations
- Support control assurance activities and ensure alignment with 2nd Line governance and AI risk frameworks
- Act as an escalation point for junior analysts and contribute to knowledge sharing within the team
Requirements
- 3–5 years of experience in cybersecurity, with a focus on security operations, threat detection, or incident response
- Strong hands-on experience with SIEM, EDR and SOAR tools (e.g., Microsoft Sentinel, Defender, CrowdStrike)
- Solid understanding of enterprise attack techniques, threat vectors, and the MITRE ATT&CK framework
- Experience with Microsoft security ecosystem (Defender suite, Entra ID, Purview) is highly desirable
- Understanding of cloud security principles (Azure preferred) and modern endpoint security architectures
- Foundational understanding of AI security risks, including data leakage, misuse of AI tools, and prompt-based threats (practical exposure preferred)
- Experience working in controlled or regulated environments (SOC2, ISO27001) with audit and evidence expectations
- Ability to independently manage and prioritize multiple incidents in a fast-paced environment
- Strong analytical mindset with attention to detail and structured problem-solving approach
- Effective communication skills, with the ability to translate technical findings into business-relevant insights
Join a truly global team.
We offer a dynamic and international environment where high performance meets real purpose. We're proud to be Great Place to Work-certified and even prouder of the people who make that possible. Let’s shape the future of procurement - together.
Chain IQ – Create. Lead. Make an impact.
Information for agencies: Applications sent or uploaded by placement agencies or similar are not desired, will therefore not be considered and will be deleted.