Brainspotting - Zone IT Security Manager (EMEA)

Zone IT Security Manager (EMEA)


11 Jan 2021


31 Mar 2021



Full Time



Out client is the world leader in transactional solutions for companies, employees and merchants, with business volume of more than €31 billion generated in 2019, of which 80% through digital formats. Whether delivered via mobile, online platform, card or paper voucher, all of these solutions mean increased purchasing power for employees, optimized expense management for companies and additional business for partner merchants.

The Group's offer is built around three business lines:
 ●   Employee Benefits (food, meals, well-being, leisure, culture and human services)
 ●   Fleet & Mobility Solutions (fuel, tolls, maintenance and business travel)
 ●   Complementary Solutions, including Corporate Payment Services (virtual payment cards, identified wire transfers and supplier payments), Incentives & Rewards (gift cards and platforms, and incentive programs), and Public Social Programs.

The Group brings together a unique network of 47 million employee users, 830,000 corporate clients, and 1.7 million partner merchants.

Listed on the Euronext Paris stock exchange and part of the CAC Next 20 index, it operates in 45 countries, with close to 8,000 employees. It is at the forefront of technological innovation (e.g. partnership with Apple Pay) and is actively involved in open innovation through Capital Partners (the Group's corporate venture, supporting more than 10 start-ups since 2012) and a key partnership with Partech Ventures (€25m committed by the Group since 2012, 12 investments).

The company is implementing a worldwide strategy to improve IT compliance and protect the business. This strategy is sustained by 4 major pillars:
PEOPLE - Anchor cyberculture in the company with best practices, awareness, training, and stronger IT security organisation
RULES - Enforce IT security policies applicable to the whole Group
DELIVERY - Implement global IT security projects & services to improve the security level
PERFORMANCE - Develop a culture of control & performance to assess the security level, compliance and improvements.

In this context, the Group is looking for its new IT Security leader for EMEA. The role is based in Bucharest, Romania. 


The IT Security leader is a centerpiece in the IT Security set up. S/he will be in charge of IT security in the Zone.  

KEY RESPONSIBILITIES for the zone and its Business units
  • Implementing the global IT security strategy at zone level
  • Building, managing and reporting the IT compliance budget and costs in accordance with Group requirements
  • Managing the IT security leaders and experts in the zone  
  • Overseeing or managing IT security projects
  • Taking over specific global IT compliance topics for the Group if need be
  • Managing security services in accordance with Group strategy (e.g. Access management, Authentication, Network / Email / Endpoint Security, DLP, …)
  • Defining, implementing and maintaining the IT Security procedures in the zone, in accordance with Group policies
  • Implementing IT security in projects (Security by design : risk analysis, recommendations, control before go live), using Group methodology
  • Performing and reporting IT Security risk assessments on IT applications and IT assets to ensure compliance with the group security standards and protect the business
  • Implementing security controls on IT services, including penetration testing, code reviews and third-party audits
  • Collecting, analyzing and publishing security KPIs for the zone, providing improvement actions
  • Following-up zone remediation plan
  • Role includes IT continuity supervision (IT DRP) and IT compliance, complying with the standard and regulation needed for the business (PCI-DSS, ISO27001, …)
  • Promoting IT compliance in the zone and be the referent inside the zone regarding IT compliance
  • Integrating IT compliance requirements or perspective in project and application risk analysis (e.g. GDPR IT related requirements, IT resilience, Internal audit P1 recommendations) 
  • Managing and reporting IT security incident according to Group policy & procedures

  • Reports to the Global Chief Information Officer of the Group
  • Direct reports : Region IT security leaders, Business Units IT Security leaders and experts
  • Other key relationships : Global IT security team, Zone IT leader, Region IT leaders, BU IT leaders, Application owners, Developers, project managers, IT ops, General managers and business representatives, Data Protection Officer, Architects

  • Monitoring the Digital risk in the Zone (regulatory, governance, IT infrastructure and application)
  • Ensuring the implementation of the Group security policies and procedures
  • Ensuring the Group's Digital systems constantly meet security standards and/or company risk appetite
  • Supporting the company's initiatives around new technologies and bringing in innovation to the IT security practices (Cloud security, DevSecOps approach, …) 


 The successful candidate will be an accomplished information security professional with a proven track record of having successfully developed and implemented information security policies and procedures, in conjunction with business leaders. S/he will be result and performance oriented with a can-do attitude and be able to persuade/influence others in the organization. The IT Security leader  needs to build and report the information security risk profile of the zone.
As a manager, specialized in information security, the IT Security leader, requires strong communication skills. The ability to engage various stakeholders with passion and conviction to persuade others that security is paramount and not just an option. Manager posture as well as relevant technical skills are essential to ensure credibility within the Company.  
  • 5+ years of experience as Information security manager and expert in a still growing, evolving international matrix environment. Experience should ideally have been gained in large and complex international organizations where security is a critical capability. S/he will have demonstrated experience building trusted relationships in the organization, based on competence and credibility rather than authority. Experience in project management and procedure implementation, maintenance and monitoring will be appreciated.
  • Extensive knowledge of Security and Risk Frameworks as well as software development best practices. Additionally, s/he will have deep understanding of the cybersecurity threats and stakes. That experience will have been acquired within forward-thinking / modern organizations, operating preferably with public cloud (AWS/Azure) and eCommerce platforms.
  • Professional security management certification is a plus e.g. Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials. Experience in certification, security standard or regulatory program (e.g. ISO27001, PCI-DSS, NIST, CIS, GDPR, DSP2, …) is also a plus.
  • Fluent in English, French will also be preferred.
  • Other European languages would be advantageous. 

  • Collaborating and Influencing
  • Invites and uses the opinions and perspectives of others across the organization
  • Adapts own approach to the audience, anticipating issues, preparing for possible resistance to proposed solutions and responding in an appropriate style to reach a mutual agreement
  • Resolves conflicts by discussing individual issues with each person
  • Works closely with various business unit IT leaders and application owners to ensure a common understanding of objectives. 
  • Takes initiative and proactively engages with the Business units, rather than being reactive to their demands. 

Cultural Agility
  • Accepts input from a wide range of perspectives in a highly international context. 
  • Promotes diversity of views, such as diversity from thoughts, background, experience and process, in headquarter and subsidiaries.  


● Benefits online;
● Ticket meal card;
● Holiday voucher;
● Gift card for holidays ;
● Flextime;
● Work from home; 
● Various courses;
 and more. 


Poziționare în organizație

Departament: It


Posturi similare


actualizat : 22/Jan

expiră : 31/May

Technology Lead (new center in Bucharest, US hours)

Amazon Web Services (AWS), Angular, C#, DevOps, Docker, Entity Framework, HTML, Linux, Mic...

actualizat : 20/Jan

expiră : 31/Mar

General Manager (IT)

București, Cluj-Napoca

actualizat : 18/Jan

expiră : 31/May

C# Web Expert/Architect (with .Net core & Angular; new center in Bucha...

Angular, C#.NET development, Docker, Jenkins, Microservices, Service-Oriented Architecture...

actualizat : 18/Jan

expiră : 31/May

Senior PHP Developer

MySQL, PHP, React, Symphony, Zend

actualizat : 18/Jan

expiră : 31/Mar

Senior Cloud Engineer

Amazon Web Services (AWS), DevOps, Docker, Kubernetes, Linux, Python, Windows

actualizat : 18/Jan

expiră : 28/Jan

Senior Software Engineer for BIG DATA solution

Akka, Java, Pycharm, Python, Scala, Spring Boot

actualizat : 18/Jan

expiră : 01/Apr

Senior QA Automation Engineer


actualizat : 13/Jan

expiră : 31/Mar

Data Analyst


actualizat : 12/Jan

expiră : 17/Mar

IT Project Manager - Banking Industry

Banking, Banking Software, PMP

actualizat : 21/Dec

expiră : 31/Mar

BPM Developer (banking industry)