Information Security Engineer
Visma makes businesses more efficient, through offerings of software, commerce solutions, retail IT-solutions, and IT-related projects and consulting. Visma simplifies and digitalizes core business processes within the private and public sector. 600k customers in Northern Europe utilize Visma’s products and services, and an additional 300k use Visma as a hosting partner. The group has employees and its net revenue amounted to 7 855 million in 2016.
Visma IT & Hosting
Visma IT & Hosting provides IT operations and hosting services to more than 330k customers. We enable them to achieve their goals by offering best in class tailored IT solutions that are secure, innovative, simplified and efficient. We are the leading Nordic provider of hosting solutions. We also provide the global Visma community itself the tools and framework they need to innovate their software business.
Our international teams base their work on our wide knowledge of IT service delivery in on-premise environments, in hosting environments and in the cloud, both public and private. To accommodate this in a certified and formal manner we are certified in the fields of controls (ISAE 3402 ), security (ISO 270 01), quality (ISO 9 001), Project management (ISO 21 500) and IT service delivery (ISO 20 000 : 1). Our certificates also extend to our enterprise agreements on Microsoft Azure and Amazon AWS.
About the job
Visma IT & Communications is looking for a passionate and highly skilled Information Security Engineer.
You must have a drive to develop high quality processes that will run in an unusually complex technical environment. You will be a member of Security Department, where your skills and contributions to manage Visma security will be very visible. You must love to help team members and to receive help from them. The team is international so you will use English both written and orally. If the descriptions above fit you, and you can check several of the following bullets, Visma IT & Communications can offer you a very interesting work and competitive terms.
Security Department drives the company security governing model, which are increasingly required to oversee information security to ensure the objectives of the organisation are achieved.
In addition, governance of information security provides a powerful link between an organisation’s governing body, management and those responsible for implementing and operating an information security management system.
Furthermore, an effective governance of information security ensures that the governing body receives relevant reporting — framed in a business context — about information security-related activities. This enables pertinent and timely decisions about information security issues in support of the strategic objectives of the organisation.
The current position is located in Sibiu, Romania
Master’s or Bachelor's degree in related fields (Engineering, Computer Science, Mathematics), preferably in Information Security with an overall minimum of 5 years of relevant experience
In depth knowledge of processes, research and performance analysis capabilities
Negotiation capabilities and problem solving mindset
Understanding the IT Service industry as well as the relevant marketplace
Effectively cope with change; comfortably adjust to alterations in work activities; able to decide and act with limited information; effectively handle risk and uncertainty in ambiguous situations
Demonstrated resilience, diplomacy, influence, relationship building, and problem solving skills in a variety of situations
Highly effective written and oral communication skills, excellent interpersonal skills and experience dealing effectively with a wide range of people
Fluency in Business English is required
Customer oriented behaviour
Fast learner - research capabilities for obtaining required information.
Relevant experience in:
Operating systems administration
Computer networks administration
Experience in web application security
Experience in security engineering, computer and network security, authentication, security protocols and applied cryptography
Experience in monitoring networks using a variety of tools to identify potential intrusions
Skills in security forensics activities, malware reverse engineering and cryptanalysis
Skills in scripting and programming languages
In-depth technical knowledge within information security areas:
Intrusion detection and monitoring
Security Incident Response
Vulnerability assessments, web and infrastructure pentesting
Experience in implementing security solutions, in vulnerability testing, risk analyses and security assessments is an advantage
Would like to work primarily with information security technologies and processes
Conduct monitoring, operations and control tasks in regards to Security Operations Center (SOC) activities
Contributes in security incident management in regards to Security Incident Response Team (SIRT) activities
Performs vulnerability testing, risk analyses and security assessments
Investigate intrusion incidents, conduct forensic investigations and mount incident responses; Anticipate security alerts, incidents and disasters
Finds and documents new ways to solve existing production security issues
Develop automation processes to handle SOC and SIRT activities
Assist in activities related to information security management and ISMS operations and improvement processes. Assist with follow up of corrective measures
Deliver technical reports and formal papers on SOC, SIRT and forensics activities
Contributes to security best practices, ISO compliance and new security standards.
Assists in security training and awareness activities
Contributes to security programs for the organization
Attends conferences and trainings as required to maintain proficiency
Actively contribute to further developing of the Security Department in cooperation with the Team Manager and Department Manager
What Visma offers
We offer an exciting position in an international working environment where you will be part of a dynamic and highly skilled international team. You will have good opportunities for career development through internal training and diverse work assignments in a prominent international company. We offer competitive terms and conditions.