About this role
<p> </p> <p><span style="font-family:arial, helvetica, sans-serif;font-size:10.0pt;background-color:#ffffff;color:black"><strong>At Chain IQ, your ideas move fast.</strong></span></p> <p> </p> <p><span style="font-family:arial, helvetica, sans-serif;font-size:10.0pt;background-color:#ffffff;color:black">Chain IQ is a global AI-driven Procurement Service Partner, headquartered in Baar, Switzerland, with operations across main centers and 16 offices worldwide. We provide tailored, end-to-end procurement solutions that enable transformation, drive scalability, and deliver substantial reductions in our clients' indirect spend. Our culture is built on innovation, entrepreneurship, ownership, and impact. Here, your voice matters - bold thinking is encouraged, and action follows ambition.</span></p> <p> </p><p><span style="font-family:arial, helvetica, sans-serif"><strong>Join our Team</strong></span></p> <p> </p> <p><span style="font-family:arial, helvetica, sans-serif">It is an exciting time at Chain IQ and our team in Bucharest are looking for a Senior IT Risk and Security Analyst.</span></p> <p> </p> <p><span style="font-family:arial, helvetica, sans-serif">Chain IQ generate value far beyond cost reduction. We transform our client’s indirect procurement towards a world-class, resilient, ethical and digitalized end-to-end function. We promote a culture of collaboration and shared excellence while encouraging an open and honest exchange of ideas. We offer the potential for significant corporate growth and career development.</span></p> <p> </p> <p><span style="font-family:arial, helvetica, sans-serif">Our ambition is to strengthen the existing highly experienced team to provide the best in industry support to our growing client base.</span></p> <p> </p> <p><span style="font-family:arial, helvetica, sans-serif"><strong>Role Purpose</strong></span></p> <p><span style="font-family:arial, helvetica, sans-serif">The primary purpose is to deliver value-add sourcing services to clients in a structured, professional and consistent manner.</span></p> <p><span style="font-family:arial, helvetica, sans-serif">The role will monitor, detect, analyze, and respond to cybersecurity threats and incidents, ensuring the protection of organizational assets, data, and systems.</span></p> <p><span style="font-family:arial, helvetica, sans-serif">Additionally, you will contribute to the continuous evolution of Security Operations by enhancing detection capabilities, supporting automation, and strengthening alignment with enterprise risk, compliance (e.g., SOC2, ISO27001), and incident response frameworks within a Three Lines of Defense (3LoD) model.</span></p> <p> </p> <p><span style="font-family:arial, helvetica, sans-serif"><strong>Responsibilities</strong></span></p> <p> </p> <p><span style="font-family:arial, helvetica, sans-serif">We are currently seeking a Senior Level Analyst to join the IT Risk and Security team.The role requires a dynamic, highly client-focused individual with proven experience within IT Security field.</span></p> <p> </p> <p> </p> <p><span style="font-family:arial, helvetica, sans-serif"><strong>Main responsibilities will include:</strong></span></p> <p> </p> <p><span style="font-family:arial, helvetica, sans-serif">We are currently seeking a Security Analyst (Senior-Level) to join the Cyber Security Operations Team (1st Line of Defense). The Security Analyst needs to be a dynamic, highly client-focused individual with proven experience within Security Operations, Threat Detection, and Incident Response.</span></p> <p><span style="font-family:arial, helvetica, sans-serif">Main responsibilities will include:</span></p> <ul> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Monitor and analyze security alerts across enterprise platforms (SIEM, EDR, identity, cloud, and AI-driven security tools)</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Perform advanced triage and investigation of security incidents, including phishing, endpoint threats, identity compromise, and cloud-based attacks</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Support detection and response capabilities related to AI platforms, Copilot-type services, and agentic systems, including misuse, data leakage, and abnormal behavior patterns</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Lead or support incident response activities, ensuring effective containment, eradication, and recovery</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Conduct root cause analysis and contribute to post-incident reviews to strengthen controls and processes</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Correlate signals across endpoint, identity, email, cloud, and AI interaction layers to identify complex and multi-stage attack patterns</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Develop and tune detection rules and use cases, including those related to AI usage, prompt injection risks, and data exposure scenarios</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Support threat hunting activities, including emerging threats targeting cloud and AI-enabled environments</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Collaborate with IT, cloud, data, and AI platform teams to securely enable new technologies and reduce risk exposure</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Contribute to SOC transformation initiatives, including automation, orchestration, and AI-assisted security operations</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Maintain high-quality documentation and audit-ready evidence aligned with SOC2 and internal control expectations</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Support control assurance activities and ensure alignment with 2nd Line governance and AI risk frameworks</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Act as an escalation point for junior analysts and contribute to knowledge sharing within the team</span></li> </ul> <p><span style="font-family:arial, helvetica, sans-serif"><strong> </strong></span></p> <p><span style="font-family:arial, helvetica, sans-serif"><strong>Requirements</strong></span></p> <p> </p> <ul> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">3–5 years of experience in cybersecurity, with a focus on security operations, threat detection, or incident response</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Strong hands-on experience with SIEM,EDR and SOAR tools (e.g., Microsoft Sentinel, Defender, CrowdStrike)</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Solid understanding of enterprise attack techniques, threat vectors, and MITRE ATT&CK framework</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Experience with Microsoft security ecosystem (Defender suite, Entra ID, Purview) is highly desirable</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Understanding of cloud security principles (Azure preferred) and modern endpoint security architectures</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Foundational understanding of AI security risks, including data leakage, misuse of AI tools, and prompt-based threats (practical exposure preferred)</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Experience working in controlled or regulated environments (SOC2, ISO27001) with audit and evidence expectations</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Ability to independently manage and prioritize multiple incidents in a fast-paced environment</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Strong analytical mindset with attention to detail and structured problem-solving approach</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Effective communication skills, with the ability to translate technical findings into business-relevant insights</span></li> </ul><p> </p> <p><span style="font-family:arial, helvetica, sans-serif;font-size:10.0pt;color:black;background-color:white"><strong>Join a truly global team.</strong></span></p> <p> </p> <p><span style="font-family:arial, helvetica, sans-serif;font-size:10.0pt;color:black;background-color:white">We offer a dynamic and international environment where high performance meets real purpose. We're proud to be Great Place to Work-certified and even prouder of the people who make that possible. Let’s shape the future of procurement - together.</span></p> <p> </p> <p><span style="font-family:arial, helvetica, sans-serif;font-size:10.0pt;color:black;background-color:white"><strong>Chain IQ – Create. Lead. Make an impact.</strong></span></p> <p> </p> <p> </p> <p> </p> <p><span style="color:black;background-color:white"><span style="font-family:arial, helvetica, sans-serif;font-size:10.0pt;background-color:white"><em>Information for agencies: </em></span><span style="font-family:arial, helvetica, sans-serif;font-size:10.0pt;background-color:white"><em>Applications sent or uploaded by placement agencies or similar are not desired, will therefore not be considered and will be deleted.</em> </span></span></p> <p> </p>