European IT Security Manager Application and Cloud Security in Constanţa

International Personal Finance (IPF) the mother company of Provident Pénzügyi Zrt. is looking for a new expert in its European IT Team.   What will your role be in the organization?   Regional role working with IT and business teams across European Home Credit (EHC).   Responsible for the definition, implementation and management of IT security policies, standards and baselines, particularly in the area of application security (SDLC, shift-left security) and cloud security.   Responsible for application and cloud security strategic planning, delivery and reporting. Provides security support for business projects delivering new/changed IT business solutions. Provides advisory service and contributes EHC IT and Security community in IPF/Provident.   Your responsibilities:   ·       Define and update IT security requirements (policies, standards, baselines), in particular in the area of application and cloud security. ·       Define and support implementation of application security strategy taking into account cloud operating model and shift-left security. ·       Develop and support implementation of cloud security strategy, governance and controls. ·       Support delivery and operations of DevSecOps security testing tooling used by delivery teams. ·       Support delivery and operations of CyberSecurity solutions protecting applications exposed to the Internet – in particular WAF and DDoS protection. ·       Provide security support for business projects – in particular define IT security requirements, support secure design of solutions, check if requirements are implemented and organise security testing prior go-live. ·       Support delivery teams and architects community with security advisory. ·       Collaborate with other Security team members and contribute development of overall cyber security governance and controls. ·       Help manage security incidents and provide a rapid response service in the event of a security breach. ·       Monitor cyber security industry, identify new emerging threats and protection solutions.     Our requirements:   ·       Minimum 5 years of Information Technology and 3 year of Security experience, ·       Foundational knowledge of all security domains and controls (ISO 27001/2), ·       Understanding and working experience of cloud security, application security, secure architecture, DevSecOps tooling. ·       Master’s or Bachelor’s degree (Information Technology), ·       Excellent English verbal and written communication skills, ·       Excellent communication and interpersonal skills, ·       Problem solving approach, ·       Great work organizational skills.   Optional: ·       Security skills proven with one of industry recognised certifications: CISSP, CISM, CISA, CompTIA, Security+, GSEC; ·       Cloud computing knowledge proven with CCSK, CCSP and CSP specific (in particular AWS) certifications, ·       Hands on experience with cloud computing security tooling, ·       Experience with DevSecOps security testing toolig (SAST, DAST, SCA, etc), ·       Experience from financial field.     What we can offer:   ·       Stable employment – ​​89% of people are employed under an employment contract for an indefinite period. ·       Safety – we have been on the Polish market for 25 years. ·       Friendly work environment – ​​we have received the Top Employer award 11 times in a row. ·       Hybrid work – we usually meet in the office twice a week (Dworzec Gdański metro station). ·       Extra 3 days of paid leave – if you use all your leave in a given calendar year. ·       Private medical care with appointment guarantee service (Medicover). ·       Full implementation under the supervision of a mentor, including a package of professional implementation training. ·       Access to the development platform, including e-learning training, podcasts and webinars. ·       Activities supporting development in the organization, e.g. the "Effective Manager" training series for people holding managerial positions. ·       Business telephone (also for private use). ·       Access to the ProviBenefity cafeteria platform, which is supplied with a monthly amount to be used, or subsidies for your Multisport card - you choose from 5 types of cards. ·       Life insurance (UNUM Życie TUiR S.A.) on preferential terms. ·       Christmas benefits and co-financing for the "Holidays under the pear tree" holiday for you and your children. ·       Psychological support for employees, including: care of a psychologist (including children's), psychotherapist, dietician, coaching.