Division CISO
Cyber Security Analyst
Euroclear is a global critical financial infrastructure company. Security is at the core of the company’s services, firmly embedded in their management systems and processes. Our department provides impact analysis, security risk assessment, security requirements, design validation for all IT projects in Euroclear, regular security assessments of Euroclear applications and the underlying infrastructure! We also support Euroclear’s compliance activities by reviewing and publishing secure configuration baselines and by coordinating the Security Exception Review Board. Finally, we provide consultancy for anyone in Euroclear for any IT security related question!
Required Technical and Professional Expertise
We are looking for Cyber & Information Security experts to strengthen our team in our Brussels office with experience in one or more of the following areas:
1. Proven expertise in security risk assessments, development of functional security requirements, process design, and management reporting.
2. Familiarity with industry best practices in key security domains, including identity and access management, PKI, network security, and data protection.
3. Application security knowledge, with a solid grasp of software development and testing, OWASP guidelines, code scanning tools, and security and compliance automation using a CI/CD pipeline.
4. Proficiency in security technologies such as IDAAS (Identity as a Service) and identity management platforms, secure access management, federation services, PKI, cryptographic solutions, web application firewalls, and endpoint security.
5. Knowledge of domains such as virtualization, software-defined networks, Cloud IAAS/PAAS/SAAS, network and DMZ infrastructure, VOIP, Wi-Fi, 802.1x, anti-malware, system protection, middleware, collaboration, end-user workspace solutions, storage (SAN, NAS), databases, and infrastructure automation services (Infrastructure as a Code).
6. Preferred professional certifications include CISSP, GIAC, SABSA, and ISO 27001 LA/LI. Specific certifications related to security products are also nice to have.
Your Responsibilities
7. Define and recommend on the design, implementation and test processes vital to protect information system assets.
8. Perform risk assessments and translate the security architecture and high-level policies and controls towards security requirements (secure by design) for business and IT projects.
9. Contribute to the architectural design and validate it against the security requirements.
10. Define security testing requirements and penetration test scope, actively support the testing teams to perform these tests and approve the test reports.
11. Define, implement, and ensure the accurate functioning of security services of our department in line with IT security policies.
12. Recommend and advise on new or improved security services towards the division management.
13. Produce documented security services, technical standards, or principles.
14. Act as a security specialist within a certain domain (for example Mainframe security, PKI and Cryptography, Network security, platform security, IAM, application security or secure coding), being the point of contact for both business and project teams. Your partners are mainly the business owners/analysts, project leader, risk management, internal/external auditors, and off course the engineers, developers, and architects.
Your Profile
15. University degree or equivalent experience in Computer Science, Engineering, or similar degree.
16. IT-security professional with demonstrable experience in the infrastructure security domain or in the IT application security domain.
17. Depending of the experience level, a senior profile has at least +10 years’ cyber security experience covering multiple disciplines, the candidate has worked for multiple companies/cross industries. As an entry level profile, the candidate we’re looking for has minimum 3 years’ experience in cyber security in one domain.
18. Good understanding of documentation and presentation applications including PowerPoint, Visio, Excel, and Word
19. Experience translating business requirements into technical solutions.
20. Effective interpersonal, planning and time management skills.
21. Effective research, analytical, and problem-solving skills.
22. Proficiently exercises initiative and makes well-informed decisions, maintains accuracy while paying close attention to detail and meeting target dates and convey findings, conclusions, alternatives, and information in a clear and concise manner.
23. Able to operate within an international/multi-cultural, networked environment.
24. Proficient in English
25. Great teammate who communicates in an open, encouraging, and constructive way with customers and peers, both verbally and in writing.
26. Good interpersonal skills, being able to discuss, defend and translate security topics with both senior business people as with deep technical IT experts.
27. Ability to handle different projects and cope with pressure and stressful situations.
28. Take ownership and ensure that the company quality standards are met.
29. Independent, service-minded and organized.
#LI-NS1