Sr Expert Information Security Compl.

Date: 13 Mar. 2026

Location: Bucharest, RO, 013329

Company: OMV Group

Overview of the company

OMV Petrom is the largest energy company in South-Eastern Europe, active in every part of the energy value chain: from wells, producing oil and gas, to refining and fuels distribution, gas supply and power generation & supply. We provide the energy for day-to-day modern life: fuels for mobility, light and heat. We believe that we can only evolve with a diverse mix of employees and by ensuring a healthy work-life balance.

At OMV Petrom, we have a long tradition of responsible behavior towards employees, the environment and society. Sustainability means a focus on conducting the business responsibly, efficiently and in an innovative way. We are committed to creating long-term value for the company and our stakeholders, while respecting the environment and supporting the communities in which we operate.

Your tasks

  • Lead the ongoing development and implementation of Borealis’ Information Security Compliance methodology to ensure alignment with evolving regulatory requirements, international standards (e.g., ISO 27001, NIS2), and strategic business objectives.
  • Steer the implementation of related compliance requirements across IT and business functions, ensuring the definition of measurable KPIs for performance tracking and continuous improvement.
  • Define the IT Compliance Governance roadmap for Borealis and lead the implementation of framework components, operational processes, and cross-functional engagement initiatives.
  • Transform the Compliance Governance Framework methodology into an operational model, enabling execution via SNOW GRC/IRM module functionality and ensuring automation, traceability, and audit-readiness.
  • Ensure the implementation of the IT Compliance Governance Framework during mergers, acquisitions, and post-integration phases, supporting risk harmonization and compliance alignment.
  • Conduct IT compliance audits across Borealis Group to evaluate control effectiveness, assess security posture, and verify adherence to internal policies and external regulations.
  • Manage Borealis Group external audits related to regulatory or legal frameworks such as ISO 27K, PCI-DSS, NIST, DORA, and NISG, acting as the primary liaison and ensuring timely evidence collection and issue resolution.
  • Evaluate the critical application landscape at Borealis Group level and maintain compliance oversight, incorporating governance metrics and remediation tracking.
  • Identify non-compliance areas and translate potential impacts into quantified risks to be integrated into the enterprise risk management framework and escalated as needed.
  • Oversee governance and reporting activities for the Vulnerability Management process in Borealis, ensuring timely tracking, escalation, and communication of identified vulnerabilities. Maintain accurate metrics, dashboards, and compliance reports for internal and external stakeholders. Drive process maturity through enhanced detection, prioritization, remediation tracking, and continuous improvement initiatives aligned with regulatory and industry expectations.

Your profile

  • Master's degree in IT
  • Relevant professional experience: > 9 years
  • Experience in IT Security Governance area, ITIL Certification
  • Excellent knowledge of governance, auditing, and information security frameworks such as ISO 27001, ENISA, PCI-DSS, NIST, and NISG
  • Extensive expertise in IT, Information Security, and IT Governance
  • Excellent knowledge of the ServiceNow GRC/IRM module
  • Excellent skills in drafting and maintaining regulatory documentation
  • Excellent proficiency with the Microsoft 365 suite
  • Fluency in English, with strong written and verbal communication skills tailored to both technical and non-technical audiences

Location

Bucharest

What OMV Petrom can offer

  • Long weekend plans are always welcome - on Friday, our office hours end at 14.00.
  • You can rely on a health insurance that covers medical treatment in a variety of private medical clinics.
  • You can work from home, if the work activity allows.
  • The number of your days off increases according to your work experience so that you'll enjoy more free time.
  • We aim to make your vacation days happier, by paying each vacation day double.
  • Are you a top performer? Your work can be rewarded every three months based on performance results.
  • Additional days off and various financial support for different events like marriage, childbirth, etc.
  • Access to LinkedIn Learning and a variety of development programs.
  • Do you prefer cars or bikes? We have free private covered parking.