IT&N Security Team Leader

Orange Moldova is looking for a new colleague to fill in the position on IT & Network Security Team Leader.

In the position of IT&N Security Team Leader you will be responsible for developing, implementing, and maintaining a comprehensive information security program that protects the company's critical assets, data, systems, and physical infrastructure from cyber/security threats and ensures compliance with relevant regulations and industry standards.

What you will doing:

Compliance and Governance:

Ensure compliance with relevant laws, regulations, and industry standards related to information security, data privacy, and risk management (e.g., GDPR, NIS2, ISO 27001).
Develop and maintain a governance framework to manage and mitigate risks.

Security Program Development:

Lead and manage the Information Security organization to develop a roadmap for Technology to anticipate and manage security risks and to support business initiatives across the company.
Design, implement, and continuously improve a robust information security program aligned with industry best practices and relevant security frameworks (e.g., CIS Controls, ISO 27001, and NIS2).
Develop comprehensive policies, procedures, standards, and best practices to safeguard the confidentiality, integrity, and availability of information assets.

Incident Response and Investigations:

Lead the organization's incident response efforts.
Oversee the investigation and resolution of security incidents, coordinating with relevant stakeholders and authorities as needed.

Vendor and Third-Party Risk Management:

Establish and maintain processes for evaluating and managing the security risks associated with third-party vendors, service providers, and partnerships.

Budget and Resource Management:

Develop and manage the information security budget.
Ensure appropriate allocation of resources to support security initiatives and ongoing operations.

Collaboration and Communication:

Collaborate closely with cross-functional teams (e.g., engineering, IT, legal, compliance) to align security efforts with organizational objectives.
Effectively communicate security risks and mitigation strategies to stakeholders at all levels, including executive leadership, through regular security briefings and reports.

Knowledge, Skills and Abilities

Proven experience in a senior information security leadership role.
Comprehensive knowledge of information security principles, practices, and industry standards (e.g., NIS2, ISO, COBIT (Control Objectives for Information Technology), SOC2).
Strong understanding of risk management frameworks and methodologies, including risk assessment, risk treatment, and risk reporting.
Expertise in cybersecurity technologies, including firewalls, intrusion detection/prevention systems, encryption, security information and event management (SIEM) solutions, security tool implementation, data governance and compliance.
Experience with System Administration basics with Linux (CentOS, RedHat) and/or Microsoft Windows Server (and associated technologies such as Active Directory and Exchange).
Experience with cloud security best practices and technologies to protect critical infrastructure.
Knowledge of current cybersecurity trends, threats, and techniques for protecting against them.
Exceptional leadership, communication, and interpersonal skills to effectively manage teams, interact with stakeholders, and convey complex security concepts.
Strong project management skills and the ability to plan and execute strategic security initiatives.
Proactive and innovative mindset, with the ability to anticipate and address emerging threats.
Strong analytical and problem-solving skills.
Ability to work under pressure and manage multiple priorities.
Excellent organizational and time-management abilities.
Fluent Romanian or Russian and English.