Information Security Governance Officer

Your digital journey starts here!

Create. Grow. Deliver our story to millions.

#BTCode, where technology meets creativity. Code is our universal language and innovation is the fuel that propels us into the future. 🚀

Job Summary:

Ensure governance, compliance, and performance in the field of information security by developing, implementing, and monitoring the internal framework aligned with BNR regulations, DORA, GDPR, EBA guidelines, and auditor requirements.

1. Governance and Regulation

• Develops, updates, and implements security policies, standards, and procedures, ensuring continuous alignment with legal and audit requirements.
• Monitors legislative and regulatory changes, promptly adapting the internal framework and informing relevant structures.
• Defines clear responsibilities and efficient workflows between key departments (IT, business, compliance, audit, legal) for managing risks and implementing policies.

2. Performance and Risk Management (KPI/KRI)

• Defines, monitors, and reports performance indicators (KPI) and risk indicators (KRI) for information security at both departmental level and first line of defense.
• Analyzes collected data, identifies trends, proposes corrective measures, and optimizes processes to reduce risks.
• Ensures transparency and accuracy in reporting the status of risks, vulnerabilities, and remediation actions.

3. Reporting and Compliance

• Prepares and presents periodic reports to management regarding regulatory compliance, risk levels, vulnerability status, and progress of corrective actions.
• Prepares documentation and responses for external auditors and regulatory authorities; actively participates in audits and inspections.
• Coordinates remediation of identified non-conformities and tracks the implementation of auditor recommendations.

4. Cross-Functional Collaboration

• Collaborates actively with IT departments, enterprise architecture, IT governance, CRO, business, compliance, and audit to align security solutions and processes with organizational needs.
• Provides support to subsidiaries and facilitates the transfer of best practices across the group.

Soft Skills and Personal Abilities:

• Effective communication and collaboration across all levels and departments.
• Leadership, strategic thinking, results orientation, proactivity, and adaptability.
• Strong analytical, synthesis, and prioritization skills based on risks and organizational objectives.

Role Requirements:

• Minimum 5 years of relevant experience in security governance, preferably in the financial-banking sector.
• Experience in drafting, implementing, and maintaining regulations, and in managing relationships with auditors and regulatory authorities.
• Solid knowledge of BNR requirements, DORA, GDPR, and EBA guidelines.
• Certifications such as CISM, CRISC, CISSP, ISO 27001 are considered an advantage.

If you want to find out what other jobs we still have available, like Life at BT or what #Culture BT is, you can also access the Bank's career website: https://cariere.bancatransilvania.ro/ .