Field of Activity
Clearstream is a large international financial institution offering post-trade infrastructure and securities services for the international and domestic markets worldwide, with 2,500 customers in 110 countries.
Clearstream Information Security (IS) second line of defense organization is responsible for the cyber security risk assurance program, cyber resilience, steering of IS processes, IS controls and IS compliance activities worldwide for legal entities, branches, and representative offices in scope with direct reporting line to the corresponding executive boards.
Tasks / Responsibilities
The Information Security Risk Assurance Senior Analyst will be supporting Clearstream Banking Chief Information Security Officer in assuring that material information security risks are identified, analysed, reported, and effectively remediated by IT.
In addition, he / she will play an active role ensuring that (1) controls deemed necessary for the mitigation of those risks are designed and operating effectively, and (2) applicable information security compliance requirements are defined, up-
to-date and consistently implemented.
More specifically, the information security risk assurance senior analyst will :
Support the implementation and maintenance of the information security risk assurance program, including IS control requirements based on the analysis of the threat landscape, applicable policies, standards, and regulations.
Conduct risk assessments and support reporting on material risks as part of the quarterly reporting to the executive and supervisory boards.
Complement existing risk and vulnerability assessments of planned and installed information systems to identify material vulnerabilities, risks, and protection needs.
Determine the causes of security breaches and researches, recommends, and implements changes to information assurance procedures to protect data from future violations.
Analyze information security risk assurance-related technical problems and provides engineering and technical recommendations for solving those problems.
Develop an understanding of Post-trade business goals and reframes information security risk assurance discussions in business terms.
Support constructively engaging business partners regarding information security risks including compliance.
Actively and professionally engage with operations and IT in conversations that drive adequate IS risk decisions.
Support awareness efforts on the information security risk implications by combining pragmatic analysis with judgment to assess business decisions.
Ensure employees and third parties understand, acknowledge, and fulfill all applicable information security policy requirements.
Support the security awareness program.
Support coaching junior colleagues.
Qualifications / Required skills
Master’s degree in computer science, network security, or business informatics.
4 to 7 years of experience in IT security, information security risk management, or IT audit in the financial sector.
Strong ability to convey complex IT security issues, information risks, and compliance in a manner that is easily understood, actionable and constructively challenges prevailing thoughts and processes.
Ability to effectively analyse information security risks within the context of complex IT environment and to provide value-
added / actionable recommendations.
Ability to collaborate across multiple teams in a multicultural environment.
Having good understanding of Clearstream mission, values, goals and consistent application of this knowledge (nice to have).
Ability to develop a full and deep understanding of the business / IT operations and related information security risks.
Experience with information security regulatory compliance and information security risk management frameworks (e.g., IS027000, COBIT, NIST, etc.)
Proficiency in written and spoken English, preferable at least basic knowledge of German and / or French.
Dedication, team and communication skills, flexibility as well as competent handling of MS Office applications round out your profile.
There are numerous good reasons to work for us : responsibility at an early stage, attractive social benefits, an international working environment and a broad variety of career opportunities.
Applications from disabled persons are welcome.