Security Officer

Location and Work Setup:

The position is based in the Bucharest Office, near Grozavesti metro station, with a flexible hybrid way of working.

Responsibilities:

• Act to enforce security and information protection policies, in accordance with the provisions of the bank Articles of Incorporation and specific regulations
• Analyse and investigate security incidents assigned directly for resolution or posted in the dedicated application. Analyse and investigate customer complaints and reports regarding information security and confidentiality
• Utilize threat intelligence feeds to identify emerging risks and correlate with internal telemetry
• Collect and disseminate intelligence across the organization to detect, prevent, and mitigate cyber threats
• Provide assistance in receiving, addressing, and reporting critical security incidents
• Monitor, evaluate, and report on the evolution of threats and vulnerabilities of IT systems
• Continuously monitor digital channels to identify phishing, smishing, and vishing campaigns
• Analyze and validate alerts, block malicious sources, and coordinate response actions with the SOC
• Improve detection scenarios and support simulated phishing programs
• Monitor customer transactions and user behavior to detect anomalies or potential fraud
• Investigate security incidents impacting customers (account takeover, unauthorized transactions, fraudulent actions)
• Work with Payments, Fraud, and Digital Banking teams to improve customer protection measures
• Detect and investigate fake profiles impersonating bank employees or the corporate brand
• Initiate takedown procedures with platform providers and follow up on case progress
• Analyze social engineering trends and recommend preventive measures
• Conduct end-to-end investigations of security cases reported by customers: log analysis, URL review, header inspection, digital evidence gathering
• Identify the root cause of each incident and recommend remediation actions
• Provide clear, professional communication to Customer Care and Fraud teams regarding findings
• Investigate alerts related to privileged or sensitive users logging in outside standard business hours
• Validate the legitimacy of activities, escalate when needed, and document outcomes
• Tune alerts and collaborate with SOC to reduce false positives
• Prepare onboarding documentation (log sources, use cases, integration details, detection rules)
• Configure log collection, set up secure connections, and validate the ingestion process
• Test data quality, define initial alerting rules, and document the full setup
• Gather, analyze, and disseminate indicators of compromise (IOCs), attack techniques (TTPs), and intelligence reports
• Integrate CTI into SIEM rules, phishing scenarios, investigation playbooks, and detection pipelines
• Collaborate with Group CTI teams and contribute to coordinated threat intelligence efforts
• Use your ability to create automation scripts (Python, PowerShell) for: log enrichment, vulnerability scanning, phishing-email triage workflows
• Ensure the provision of information and the introduction of the concept of security, education, and professional training
• Execute work related to responding to internal and external audit missions
• Participate in ensuring the security and protection of classified information

What we are looking for:

• Education: Bachelor’s Degree or higher
• Minimum 3 years’ experience in the field of Information Security
• Experience in cybersecurity, fraud prevention, SOC operations, or threat monitoring
• Strong understanding of phishing, social engineering, digital fraud, and security protocols
• Hands-on experience with SIEM platforms
• Excellent analytical skills and attention to detail
• Ability to work with sensitive information and react quickly in critical situations
• Clear communication skills and the ability to translate technical findings into actionable recommendations
• English language proficiency

Nice to Have:

• Certifications: CEH, SCCP, other specific IT and IT security technology courses and certifications