Infrastructure / Application Security Designer

Euroclear

Introduction

As a global critical financial infrastructure, the protection of Euroclear information and assets is fundamental to the company’s business. Security is at the core of our services, firmly embedded in the management systems and processes of the company.  You will be joining our Group Security & Business Resilience (GSBR) in charge of putting in place the required controls to adequately and effectively protect our information assets.

The main responsibility for the Security Consulting team is to ensure that the technology infrastructure at Euroclear protects corporate assets from unauthorised access, modification, disclosure and destruction. Security consulting is the service owner of the logical security domain and infrastructure through the implementation of security services and infrastructure, risk assessments, requirements setting, and active participation in the project delivery lifecycle, as well as ensuring adequate processes and procedures for the security administration teams.

The positions are Brussels based on a full time basis.

The role of Infrastructure Security Designer is to perform risk assessments and recommend infrastructure-related security requirements for IT infrastructure and network projects. You provide recommendations on technical security implementations and solutions. You perform security validation to ensure effective implementation of security controls.

The role of Application Security Designer is to perform or coordinate the security validation to ensure effective implementation of security controls in project development lifecycle.  You ensure the timely and effective remediation of security weaknesses and defects revealed in security validation during project life cycle.

In both roles, you are a subject matter expert and act as the security point of contact for business and project teams.

Your profile

You have proven experience in security risk assessments, development of functional security requirements, process design and management reporting. Experience in security design, architecture and project management is a strong advantage.

  • Sound security design principles, based on confidentiality, integrity and availability requirements and other ISO 27k security principles are an asset;
  • Familiarity with industry best practices in key domains: risk assessment, application  security, identity and access management, and secure development on all platforms.
  • Application security, networking & firewalls

Professional certifications like CISSP, CISM, CISA, ISO 27001 LA/LI, GIAC, SABSA, TOGAF are an asset.

AND

  • You are fluent in English. French and/or Dutch will be an asset.
  • You are service oriented, organised and independent security professional
  • You have appropriate influencing methods and personal authority
  • You consider the dynamics in the organisation and broader context