Project description

Join our Development Centre in Bucharest and become a member of our open-minded, progressive and professional team. In this role you will be working for one of our world-famous clients.
The Chief Security Office (CSO) of our client comprises the Chief Information Security Office (CISO) and the Corporate Security unit. The CISO organization guarantees information security for our client.
This position is aligned within TDI/CSO Enterprise Security Architecture & Enablement supporting the Security Design Authority, the team with responsibility for security architecture governance through review of new and changing assets to ensure that they are secure by design and adhere to our client's security controls policies, standards, guidelines, and procedures.
On top of attractive salary and benefits package, Luxoft will invest into your professional training, and allow you to grow your professional career.

Responsibilities

We are seeking an experienced Information Security Audit & Risk Management Specialist to support global security functions in managing information security risk, audit findings, and regulatory obligations. The role focuses on driving transparency of risk exposure, supporting remediation activities, and ensuring effective governance across complex, multi-stakeholder environments.

Support the information security audit lifecycle by participating in internal and external auditor calls, coordinating subject matter experts, and ensuring timely collection of required documentation.

Drive effective findings management by supporting finding owners throughout the lifecycle, providing constructive feedback on documentation quality, risk implications, and opportunities for improvement.

Collaborate closely with audit managers, finding owners, and risk stakeholders through regular meetings and written communication to ensure timely remediation of audit findings.

Ensure accurate and compliant management of audit findings, including tracking milestones, meeting regulatory deadlines, and proactively escalating risks or delays.

Provide regular and ad-hoc status updates on audit findings to senior management and other stakeholders, ensuring transparency and early issue escalation.

Maintain and continuously update internal trackers, training materials, and supporting documentation related to audit and findings management.

Monitor and apply updates to key operating procedures and documentation standards for findings management to ensure ongoing compliance with latest requirements.

Skills

Must have

Proven experience in information security risk management, audit coordination, or regulatory compliance within the financial services or technology sector.

Strong understanding of audit findings management, issue remediation, and control frameworks in regulated environments.

Excellent stakeholder management and communication skills, with the ability to translate security and risk topics for both technical and non-technical audiences.

Strong analytical and organizational skills, with experience managing multiple priorities and tight deadlines.

Advanced proficiency in Microsoft Office tools (Excel, PowerPoint); experience with risk tracking tools or dashboards is an advantage.

Comfortable driving topics forward with all sorts of stakeholders, including persistent follow-ups where necessary, in fast-paced and deadline-driven environments

Nice to have

Experience supporting large-scale security, cloud, or infrastructure-related risk initiatives.

Familiarity with information security or risk certifications (e.g. CISSP, CISM, CISA, CRISC).

Experience working with globally distributed teams across multiple time zones.

Other

Languages

English: B2 Upper Intermediate

Seniority

Regular

Related jobs

View all vacancies

Cybersecurity Engineer

Cybersecurity

Serbia

Belgrade

Cybersecurity Engineer

Cybersecurity

Ukraine

Remote Ukraine

Cyber BA

Cybersecurity

United Kingdom of Great Britain and Northern Ireland

London

Bucharest, Romania

Req. VR-121726

Cybersecurity

BCM Industry

17/03/2026

Req. VR-121726

Apply for Information Security Audit & Risk Management Specialist in Bucharest

*Indicates a required field

First name

Last name

Your country

Your City

Phone

Specialization

Attach your resume (max file size 1MB; allowed extensions: doc, txt, pdf, docx) Upload resume

Number of years of experience in the specialization you are applying for

What are your monthly gross salary expectations?

Read Explanatory Notes

Under the terms of your specific consent or to perform our obligations under a contract with you, as applicable, we, Luxoft Holding Inc. will manually and electronically process your personal data, specifically your first name, last name, phone number, e-mail address and other data you provide us through this form.

Within this context, we process personal data only for the specific purpose(s) indicated in the individual consent language or other notices provided below.

We will – insofar as reasonably necessary for the purpose you have agreed to and within the scope of applicable laws – transfer your personal data to other entities within the Luxoft Group and to the group of third party recipients listed in our Privacy Notice. Such Recipients can be located outside the European Union (EU) and/or the European Economic Area (EEA) (“Third Countries”). The Third Countries concerned, e.g. the USA, may not have the level of data protection that you enjoy e.g. under the GDPR. This can result in disadvantages such as an impeded enforcement of data subjects’ rights, a lack of control over further processing and access by state authorities. You may only have limited legal remedies against this. Insofar our transfer of your personal data to recipients in Third Countries is not covered by an adequacy decision of the EU Commission, we achieve an adequate level of data protection as further detailed out in our Privacy Notice.

With your consent, we personalise marketing communications to you by way of carrying out marketing research analysis, analysing the surfing-behaviour of our website visitors and to adjust it to their detected tendencies, as well as to plan more efficient future marketing activities. This personalised marketing does not include any automated decision-making activities.

Further information on how we process personal data in general is available in our Privacy Notice. You may withdraw any given consent at any time. The withdrawal of your consent(s) will not affect the lawfulness of processing before its withdrawal. For any request in this context, please e-mail us at: DPO@luxoft.com.

Before uploading CV or any other information to this website, to learn more about your obligations and restrictions arising from the use of this website, please read our Terms of Use.

By clicking the Agree and Send button, you consent that Luxoft Holding Inc. can process your provided personal data for the purpose of processing your application to establish a potential employment, internship or relocation with Luxoft Holding Inc., a relevant affiliate of the Luxoft Group or Luxoft Group’s clients, as applicable. You consent to the retention of your personal data, with the purpose of contacting you for potential future employment opportunities. If you refer a friend, we will process your provided personal data of you and your referral to award you with a bonus for such recommendation. You can withdraw your consent at any time with effect for the future. Before you consent, please click on „Read these Explanatory Notes“ and view our Privacy Notice (e.g. for your data subject rights).

Note: Our system automatically converts each CV into our standardized format, enabling our HR teams to process applications more efficiently.

I consent that Luxoft Holding Inc. and the affiliates of the Luxoft Group can process my personal data for the purpose of sending me regular emails with information about Luxoft as an employer including job vacancies and (ii) marketing communications with information about recruitment-related events, organized webinars, conferences, as well as the Logeek Magazine and other similar publications. I can withdraw my consent at any time with effect for the future. These communications are personalised to my interests in accordance with our Privacy Notice.

Related Jobs

All jobs

MENU

Information Security Audit & Risk Management Specialist

Project description

Responsibilities

Skills

Other

Related jobs

Cybersecurity Engineer

Cybersecurity Engineer

Cyber BA