Information Security Test Analyst

The role requires a self-motivated analyst conversant and experienced with the use of static code testing for application risk assessment. Static Application Security Testing is performed as part of the overall application testing process. The individual is required to be experienced in security of applications and how they need to be protected. The individual is also required to be experienced with static test tools in order to assess application security. Euroclear currently uses HCL Appscan to test source code so experience with this toolset would be an advantage. Coordination will be required with application owners for testing and assessment of findings.

The main responsibilities:
•    Develop and scan applications based upon a variety of different languages (.net, java, C, etc)
•    Assess application results for false and true positives
•    Produce reports of findings, remediation options and risk analysis.
•    Present & discuss the results to all relevant stakeholders (technical and non-technical)
•    Advise (senior) stakeholders, such as project leads, developers, and analysts on how to remediate and prevent any detected issues
•    Review test results from different sources and perceive threads and issues with applications
•    Drive or support application security efficiencies in cost, delivery and reporting
•    Innovate through automation of testing and improving pipeline delivery

In this role you will come in contact with all types of applications written in a variety of languages and from different technologies including Mainframe applications, web applications and middleware. The candidate will be familiar with some of these situations but be able to quickly assess, understand and test the application. Not only is technical knowledge of application security needed but the ability to converse and convince the developers of the issues and support mitigation.
At times, the candidate will be required to take on other related technical tasks to improve scanning efficiency including automating tasks, pipeline reviews and other related improvements

Technical skills

• Experience of using SAST and DAST tools required.
• Coding skills to support automation is an advantage. 
• Sound security design principles, based on confidentiality, integrity and availability requirements and other ISO27002 security principles are an asset;
  Good understanding of Application security including OWASP TOP 10, and willingness to learn with regard to a broad range of attacks (SQLi, XSS, Overflows, DLL-Hijacking,...)
  Basic understanding of network principles and protocols
  Basic understanding of Unix and Windows Operating Systems and security practices
  Working with a variety of automated test tools and ability to drive improvements across all areas.

Soft skills

•    Be an ethical team player who communicates in an open, respectful and constructive way with her/his customers and peers, both verbally and in writing. You will take ownership and ensure that organizational quality standards are met. 
•    Be a very good communicator in English, both verbal and written, and able to discuss and defend the security interests with individuals and groups of senior business people as well as deep technical IT experts.
•    Be able to work independently, responsibly and professionally with highly confidential information.

#LI-NS1
 

Why join us

Embark on your new adventure at Euroclear, and work at the heart of the global capital markets. We connect over 2,000 financial institutions across the globe. As an open and resilient infrastructure, we contribute to the stability of the financial markets. We help clients cut through complexity, lower costs, and mitigate risks of financial transactions. At Euroclear, we have the clear ambition to use our key role to facilitate and accelerate a sustainable global financial system. 

What We Offer:

• Work closely with inspiring, supportive and engaged colleagues from more than 80 different countries. 
• Practice your talents in a highly professional international environment. 
• Join a learning and development environment with an emphasis on knowledge sharing and training.
• Competitive salary and comprehensive benefits.

New ways of working

Find your own optimal balance within our hybrid working model, where you can connect at the office and also benefit from remote working. 

Great Place to Work for All

We are committed to creating an inclusive culture that celebrates diversity and strives to be a Great Place to Work for All. All qualified applicants will be considered for employment, regardless of any aspect that makes them unique (including race, religion, national origin, gender, sexual orientation, age, marital status, pregnancy, disability, ...). If you need any specific accommodation due to disability or any other reason, you can let the recruiter know during your application process.