Your journey starts here!

Create. Grow. Deliver our story to millions.

#BTCode, where technology meets creativity. Code is our universal language and innovation is the fuel that propels us into the future. 🚀

Why join us?

Information Security is one of the most dynamic and rewarding fields, requiring a unique blend of offensive thinking, defensive strategy, and adaptability.

Your contribution will directly enhance the security posture of Banca Transilvania and help protect against cyber threats. You’ll be part of a team that values innovation, collaboration, and continuous learning.

What you will do in this role:

• Conduct security risk assessments for new applications, updates, and changes prior to production deployment.
• Review and approve production changes based on risk analysis, compliance requirements, and security best practices.
• Collaborate with development, architecture, DevOps, and infrastructure teams to ensure secure design and implementation.
• Maintain and update risk assessment frameworks, checklists, and approval workflows.
• Document and communicate identified risks, mitigation strategies, and approval decisions.
• Monitor and report on security posture related to application changes and deployments.
• Ensure compliance with internal policies, regulatory requirements, and industry standards (e.g., ISO 27001, NIST, OWASP).
• Support incident response and post-deployment reviews when security issues arise.

What we expect from you:

Technical Requirements

• Bachelor’s degree in Computer Science, Information Security, or a related field.
• 3+ years of experience in application security, risk management, or related roles.
• Strong understanding of secure software development lifecycle (SSDLC).
• Familiarity with risk assessment methodologies and tools.
• Knowledge of common vulnerabilities and mitigation techniques (e.g., OWASP Top 10).
• Solid grasp of networking principles, including equipment, protocols, segmentation, and security best practices.
• General knowledge of operating systems (Windows, UNIX, Linux), web servers, firewalls, load balancers, databases, and authentication systems, with experience in applying hardening techniques.
• Experience with change management processes and production environments.
• Excellent communication and documentation skills.

Nice to have

• Relevant certifications (e.g., CISSP, CISM, CRISC, CSSLP).
• Experience with cloud platforms (AWS, Azure, GCP) and containerized environments.
• Experience with Agile methodologies and tools like Jira.

Soft Skills

• Ability to collaborate effectively with cross-functional teams (development, architecture, DevOps, infrastructure, business teams, project managers, DBAs, network administrators).
• Strong analytical and problem-solving skills.
• Ability to work independently and manage multiple assessments simultaneously.
• Excellent communication and documentation skills.
• Ability to interact with external stakeholders (regulators, auditors, consultants, security solution providers).
• Interest in staying up to date with security trends and exploits.
• Ability to interpret and apply regulatory requirements (e.g., GDPR, PCI-DSS) is a plus.

If you want to find out what other jobs we still have available, like Life at BT or what #Culture BT is, you can also access the Bank's career website: https://cariere.bancatransilvania.ro/

Ready to venture into this journey?