Offensive Security Expert (with focus on pentesting)

Division: CISO

As a global critical financial infrastructure, the protection of Euroclear information and assets is fundamental to the company’s business. Security is at the core of our services, firmly embedded in the management systems and processes of the company. You will be joining our CISO division in charge of testing the controls that were put in place to adequately and effectively protect our information assets.

You will join the Offensive Security Center who manage and coordinate:

• Penetration testing
• Red team Exercises
• Purple team Exercises
• Static Code Analysis
• Vulnerability Management

The main responsibilities:

• Plan & coordinate security tests with internal stakeholders
• Plan & coordinate security tests with external providers
• Review & analyse security test reports and produce digests/synopsis
• Present & discuss / challenge the results to all relevant stakeholders (technical and non-technical)
• Advise (senior) stakeholders, such as project leads, developers, and analysts on how to remediate and prevent any detected issues
• Contribute to the execution of the security strategy roadmap

In this role you will come in contact with the full spectrum of the attack chain. Ranging from web applications to binary exploitation and infrastructure. Good understanding of the (security) policies will be required to give the final rating that will be presented to stakeholders

In summary, the ideal candidate needs to understand the penetration testing process and practices, be able to review pentest reports and guide young team members.

Technical skills

• Sound security design principles, based on confidentiality, integrity and availability requirements and other ISO27002 security principles are an asset;
• Good understanding of Application security including OWASP TOP 10, and willingness to learn with regard to a broad range of attacks (SQLi, XSS, Overflows, DLL-Hijacking,...)
• Basic understanding of network principles and protocols
• Basic understanding of Unix and Windows Operating Systems and security practices.

Soft skills

• Be an ethical team player who communicates in an open, respectful and constructive way with her/his customers and peers, both verbally and in writing. You will take ownership and ensure that organizational quality standards are met.
• Be a very good communicator in English, both verbal and written, and able to discuss and defend the security interests with individuals and groups of senior business people as well as deep technical IT experts.
• Be able to work independently, responsibly and professionally with highly confidential information and be punctual with an eye for detail.
• Able to be physically present in the headquarters in Belgium for minimum 1 day a week if requested.

Great Place to Work for All

We believe that our people are our strength. The diverse talents that our employees bring to the table, are directly linked to our global success. We are committed to creating an inclusive culture that celebrates diversity, and strive to be a Great Place to Work for All. All qualified applicants will be considered for employment, regardless of their race, religion, color, national origin, gender, sexual orientation, gender identity or expression, age, marital status, pregnancy, neurodiversity, disability, or any other aspect that makes them unique. If you need any specific accommodation due to disability or any other reason, you can let the recruiter know during your application process.