Technology Jobs in Bucharest, Romania (Now Hiring) — 565 open — Page 4

Take a step forward and let Edenred surprise you.

Every day, we deliver innovative solutions to improve the life of millions of people, connecting employees, companies, and merchants all around the world. 

We know there are hundred ways for you to grow. With us, you will expand your skills in a multicultural, challenging, and dynamic environment. 

Dare to join Edenred and get ready to thrive in a global company that will offer you endless opportunities.

Edenred is all about meritocracy. You come as you are, and you contribute. Indeed, the Edenred Group recognizes, recruits and develops all talents and singularities.

We are committed to preventing all forms of discrimination and to providing all our candidates with equal opportunities regardless of their gender and gender expression, disability, origin, religious belief and sexual orientation or any other criteria.

About EDENRED

Edenred is a pioneer, a tech leader and the everyday companion for people at work across 45 countries.

Our 12,000 employees are committed to making the world of work a better place for all, one that is safer, more efficient and more user-friendly. At Edenred, our passion for customers, respect, imagination, simplicity and entrepreneurial spirit are our values. For anyone who needs to vibe in their professional life, we are the best place for you to work and grow.

The Edenred Digital Center (EDC) in Bucharest, Romania is Edenred Group's new Digital hub for strategic IT projects.

Context/Role

Edenred's Benefits & Engagement business line is hiring an Cybersecurity Engineering Specialist with a strong product security focus to support security-by-design across multiple Business units in Europe. The role partners with product, architecture, and engineering teams to help build secure applications and platforms, reduce product risk, and ensure alignment with Edenred’s internal security control framework.

This is a hands-on enablement role focused on secure SDLC, threat modeling, tooling, CI/CD security findings review and vulnerability remediation follow-up — not a pure penetration testing or SOC role.

The Cybersecurity Engineer will not own engineering delivery or act as the sole vulnerability manager. The role is expected to help identify, assess, prioritize, explain and track remediation of product/application security findings coming from automated scanners, penetration tests, security assessments and issues identified during design or technical reviews.

This position reports directly to the B&E Europe Regional Chief Information Security Officer.

This is a great opportunity to work with experts from different locations, with different skills, and a shared commitment to deploy & strengthen the Whole group security

What you will do:

You will be in charge of:

»  Threat modelling & Secure-by-design & architecture

o   Perform threat modeling for new features and significant changes; facilitate workshops with product/engineering.

o   Review solution and data flow architectures for security risks; propose pragmatic improvements.

o   Define and advocate secure design patterns and secure API practices.

»  SDLC enablement & tooling

o   Support integration, tune and maintain security tooling in CI/CD (e.g., SAST, SCA, DAST, secrets scanning, container scanning, CSPM).

o   Coordinate application integration with enterprise security controls (e.g., IAM/PAM, DLP, WAF) and logging/monitoring requirements.

»  Vulnerability management

o   Assess and triage findings from scanning tools and penetration tests; prioritize with business and risk context.

o   Drive remediation with engineering teams, track SLAs/MTTR, and report status and metrics to stakeholders.

»  Governance & compliance

o   Ensure applications meet control requirements in our internal security control framework.

o   Maintain the regional applications inventory/registry and associated security baselines, diagrams and documentation.

»  Security testing & incidents

o   Scope, coordinate and support preparations for penetration tests.

o   Support incident response for merchant/user/client‑facing applications.

o   Define application‑layer security monitoring requirements (e.g., WAF policies, SIEM logging).

»  Stakeholder engagement

o   Partner with the Network, Cloud, AppSec CoE(Center of Expertise), Product and Architecture teams.

o   Participate in Change Advisory Board (CAB) meetings as needed to represent security considerations.

o   Communicate risks and tradeoffs clearly to technical and non‑technical stakeholders across multiple countries.

 Your profile/Requirements

»  Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent practical experience

»  3+ years of experience in Application Security/Product Security/DevSecOps roles with exposure to secure SDLC enablement.

»  Good understanding of application security risks, secure coding principles, and common vulnerabilities such as the OWASP Top 10; ability to read code (e.g. Java, Python,  JavaScript/TypeScript).

»  Experience performing or facilitating threat modeling and security assessments (STRIDE, PASTA, or equivalent) and risk-base prioritization of findings.

»  Practical experience reviewing secuirty findings from tools such as SAST, SCA, DAST, secrets scanning, container scanning, vulnerability scanners, penetration testing reports or cloud security posture tools.

»  Familiarity with API security and authentication/authorization concepts such as OAuth 2.0, OIDC, SAML, JWT, session management, and access controls.

»  Familiarity with security frameworks (ISO 27001, NIST) and data protection (e.g., GDPR).

»  Experience with cloud security, container security, or DevSecOps practices

»  Strong communication and stakeholder management across distributed teams; ability to influence without authority.

»  Fluent English level (mandatory)

»  Strong analytical and problem-solving skills and attention to detail

»  Proactive, detail-oriented, and solution-driven, with strong organizational skills.

»  Experience in matrix and international IT organizations is a plus; previous consulting experience is also appreciated.

  Nice to have

»  Experience in a product-based or software engineering organization.

»  Experience with container and Kubernetes security.

»  Familiarity with PCI DSS or SOC 2, relevant to digital products.

»  Hands-on secure coding in one of our main stacks (e.g., .NET, Java/Spring, Python/ Node.js).

»  Certifications (nice-to-have, not required): CSSLP, GWAPT/GWEB, OSWE/OSCP, AZ-500/AWS Security.

  VIBE WITH US

Joining us means:

»  Becoming part of a team that embraced the digitalization challenge and enjoys this transformation every day

»  Living our values every day: passions for customers, respect, imagination, simplicity, entrepreneurial spirit.

Because:

»  You will get exposure to various global cultures and teams

»  You will be working with the newest technologies to build a new platform from scratch

»  We offer you a very pleasant working environment, close to Bucharest city center

»  We also have for you: meal tickets, holiday vouchers, health subscription, flexible hours, a

remote work policy 2d /week in the office

»  Flexible benefits system, on-the-job training & e-learning platforms.

And we do not stop here!

  OUR COMMITMENT

Edenred is all about meritocracy. You come as you are, and you contribute. Indeed, the Edenred Group recognizes, recruits and develops all talents and singularities. We are committed to preventing all forms of dis crimination and to providing all our candidates with equal opportunities regardless of their gender and gender expression, disability, origin, religious belief and sexual orientation or any other criteria.

Apply now and Vibe with Us!