

Innovating security: Euroclear's pioneering cybersecurity initiatives in Poland
Click on the question to skip to your desired topic in the video.
01 What exactly does Euroclear do and why is it so important in the global financial market?
02 What kind of IT projects do we have at Euroclear?
03 What qualities are you looking for in a candidate who might be keen to join Euroclear?
04 How does the onboarding look like for new employees?
05 Please tell us about the major challenges for the CISO division
06 Could you tell us what CISO division is responsible for at Euroclear?
07 What sort of profiles are we looking for in CISO?
08 Why should someone join CISO?
09 What does the selection process look like?
10 Conclusion
Empowering progress, Euroclear's vision for a secure digital future
Meet the speakers

Ewa Libruk Recruitment Lead Poland

Marcin Mikoda Cyber Security Managing Director

Julien Musial Tribe lead and Poland IT Country Manager

Joris Pinoy Director Cyber Threat Management
Career Opportunities
IDAM Audit & Compliance Analyst
IDAM Compliance Management
IDAM Control Monitoring Analyst
IDAM Risk Analyst
Test Lead
IT Risk & Control Governance Lead
SailPoint IIQ Engineer
Scrum Master PS PAM
Senior IT Business Analyst
Identity Governance Team Lead (Scrum Master)
Threat Detection Engineer - Splunk Developer
Threat Detection Engineer - Splunk Developer
About  

IDAM Audit & Compliance Analyst
- Location: Cracow (hybrid), Poland
Division: CISO
As a global financial market infrastructure, the protection of Euroclear information and assets is fundamental to the company’s business. Security is at the core of our services, firmly embedded in the management systems and processes of the company.
You will be joining CISO in the Identity and Access Management (IDAM) team. IDAM oversees implementing, operating and managing all the access from, to or within the Euroclear IT infrastructure. This helps to ensure that everyone has access to the right resources at the right time for the right reasons – provided in a way which aligns to the increasingly meticulous compliance requirements Euroclear is subject to. Services covered by IDAM include access management, user lifecycle management, privileged access management and recertification, as well as providing delivery and advisory services.
In this role you will
- Work with an existing team of audit and compliance specialists to evidence Euroclear’s adherence to key IDAM controls,
- Identify opportunities for improvement – whether in terms of efficiency, ease of execution or effectiveness – in the control library,
- Support the collection and filing of evidence of control execution in ServiceNow,
- Work with teams across the CISO division in supporting the establishment of new controls.
You will bring
- Experience in controls monitoring or implementation – ideally gained in a financial services organisation (or similarly heavily regulated environment),
- An ability to prepare evidence and documents suitable for sharing with audit stakeholders,
- A detail orientated mindset – comfortable delving into the complexity of a dataset, or working through evidence to ensure compliance or identify non-compliance, ensuring that any omissions are identified and addressed prior to submission,
- Ability to work to conflicting and often competing deadlines,
- An good understanding of governance, risk and compliance and how it is deployed in enterprises,
- Familiarity with key IDAM concepts and controls, such as least privilege, role-based access control, need to know, just in time provisioning etc.
- An open and inquisitive mindset and a keen interest in cyber security (expertise is not a must – but a willingness to learn is!).
About the Team
IDAM Compliance Management
- Location: Cracow (hybrid), Poland
Division: Chief Information Security Office (CISO)
As a global critical financial infrastructure, the protection of Euroclear information and assets is fundamental to the company’s’ business. Security is at the core of our services, firmly embedded in the management systems and processes of the company. You will be joining our Chief Information Security Office (CISO) in charge of putting in place the required controls to protect our information assets adequately and optimally.
IDAM Governance
The IDAM Governance function is responsible for the governance, risk, and compliance of the IDAM service. The team is responsible for defining standards for IDAM services, specifying controls, supporting the design and implementation of controls, and performing ongoing monitoring of the execution of (and deviation from) them. In addition, the Governance function liaises with non-IDAM audit and compliance to ensure the IDAM service aligns with regulatory and audit requirements.
Compliance management forms an essential part of the over-arching IDAM Governance function. Reporting to the Controls, Monitoring & Alerting Manager this role will be focused on demonstrating IDAM’s compliance to internal and external oversight bodies such as internal audit, statutory audit, regulatory audit. In addition, this function will be responsible for performing analysis on inbound regulation to identify gaps between regulatory requirements and current posture. This role will involve close liaison with a variety of Euroclear teams.
In this role you will
- Lead a small team of IDAM compliance analysts,
- Ensure all requests for information are appropriately handled – ensuring completeness of information and timely return of responses,
- Work with internal stakeholders to understand the compliance and audit calendar to ensure resource planning and demand management for upcoming audits,
- Provide summaries of audit themes and feedback to IDAM leadership and relevant product teams,
- Work with IDAM Governance colleagues to prepare presentations and briefings to show how IDAM adheres to different controls and the KRIs which demonstrate compliance,
- Track incoming regulations to ensure IDAM compliance and identify potential gaps for remediation,
- Act as the inbound point of contact for all audit and compliance matters for IDAM.
You will bring
- Experience at engaging with different audit and oversight groups – such as second line risk management, internal audit and external auditors,
- Experience in reviewing and interpreting regulatory requirements,
- An ability to prepare evidence and documents suitable for sharing with audit stakeholders,
- An eye for detail – in ensuring that requested information is comprehensive and complete and that any omissions are identified and addressed prior to submission,
- Ability to work to conflicting and often competing deadlines,
- Experience in understanding regulations and how these translate to controls, processes and procedures in a cyber security environment,
- Familiarity with key IDAM concepts and controls, such as least privilege, role-based access control, need to know, just in time provisioning etc.
About the Team
IDAM Control Monitoring Analyst
- Location: Cracow (hybrid), Poland
Division: CISO
As a global financial market infrastructure, the protection of Euroclear information and assets is fundamental to the company’s business. Security is at the core of our services, firmly embedded in the management systems and processes of the company.
You will be joining CISO in the Identity and Access Management (IDAM) team. IDAM oversees implementing, operating and managing all the access from, to or within the Euroclear IT infrastructure. This helps to ensure that everyone has access to the right resources at the right time for the right reasons – provided in a way which aligns to the increasingly meticulous compliance requirements Euroclear is subject to. Services covered by IDAM include access management, user lifecycle management, privileged access management and recertification, as well as providing delivery and advisory services.
Control monitoring forms a key part of the IDAM function. Reporting to the Controls, Monitoring and Alerting Manager the role of the control monitoring analysts is to oversee adherence to IDAM controls (for example, by requesting and reviewing evidence relating to a control). In addition, the control monitoring analysts will look at opportunities for enhancing and refining existing controls – or scoping new controls to provide additional risk management to Euroclear.
In this role you will:
- Work with an existing team of controls management specialists to continuously improve and evidence Euroclear’s adherence to key IDAM controls,
- Identify opportunities for improvement – whether in terms of efficiency, ease of execution or effectiveness – in the control library,
- Support the collection and filing of evidence of control execution in ServiceNow,
- Work with teams across the CISO division in supporting the establishment of new controls.
You will bring:
- Experience in controls monitoring or implementation – ideally gained in a financial services organisation (or similarly heavily regulated environment),
- An understanding of governance, risk and compliance and how it is deployed in enterprises,
- Familiarity with common enterprise tools such as SailPoint, CyberArk, ServiceNow, Splunk – or similar tooling,
About the Team
IDAM Risk Analyst
- Location: Cracow (hybrid), Poland
Division: CISO
We are looking for a dedicated Identity and Access Management risk analyst to join our team to ensure that IDAM risks and issues are appropriately managed and remediated in line with Euroclear’s Enterprise Risk Management Framework.
In this role you will
- Assist in the identification, assessment, and ongoing monitoring of IDAM risks and issues.
- Performs basic to complex analysis and research with regard to processes to identify risk and control weaknesses using existing procedures and models. Provides and validates data for further analysis. May monitor risk indicators and escalates observations to direct line management. May conduct operational reporting and provide management with information.
- Collaborate with internal stakeholders to evaluate the impact of identified risks and assist in the development of risk mitigation plans.
- Support the delivery of risk management reporting to senior management on the status of IDAM risks.
- Perform regular reviews of the IDAM risk register and monitor progress of remedial actions, providing support to stakeholders and escalating where actions are outside remediation timescales.
You will bring
- Direct experience of delivering and/or supporting key risk management processes
- Ability to analyze data to provide inputs into risk reporting.
- Good engagement and relationship management.
- Have an ability to see the bigger picture and connect the dots and the willingness and passion to further grow knowledge and experience.
- Possess excellent written and verbal communication skills in English, including an ability to communicate complex matters in simple terms to a non-technical audience.
- Experience of working in IDAM or cyber security environments is desirable but not essential.
- Defines and supports the Risk Management framework.
- Identifies and documents relevant inherent and emerging risks and assesses the effectiveness of the controls to mitigate these.
- Issues recommendations and ensures relevant reporting and follow-up at all levels of the governance.
- Is well connected to the business (first line of defense) to identify material changes in existing and intervene early in the assessment process of new services.
- Builds up credibility and maintains a close relationship with different internal and external stakeholders and plays an independent role within the corporate governance.
About the Team
Identity Governance Team Lead (Scrum Master)
- Location: Cracow (hybrid), Poland
Division: CISO
Organization Description
As a global financial market infrastructure, the protection of Euroclear information and assets is fundamental to the company’s business. Security is at the core of our services, firmly embedded in the management systems and processes of the company.
You will be joining our Chief Information Security Office (CISO) in the Identity and Access Management (IDAM) team. IDAM oversees implementing, operating and managing all the access from, to or within the Euroclear IT infrastructure. This helps to ensure that everyone has access to the right resources at the right time for the right reasons – provided in a way which aligns to the increasingly rigorous compliance requirements Euroclear is subject to. Services covered by IDAM include access management, user lifecycle management, privileged access management and recertification, as well as providing delivery and advisory services.
IDAM Governance
The IDAM Governance function is responsible for the governance, risk and compliance of the IDAM service. The team is responsible for defining standards for IDAM services, specifying controls, supporting the design and implementation of controls and performing ongoing monitoring of the execution of (and deviation from) them. In addition, the Governance function liaises with non-IDAM audit and compliance to ensure the IDAM service aligns with regulatory and audit requirements.
Reporting to the Controls, Monitoring & Alerting Manager this role will be focused on the day-to-day management of the Identity Governance team. The role holder will also have Scrum Master responsibilities.
The Identity Governance team is responsible for the execution of core controls, such as recertification, role management and segregation of duty monitoring. In addition, the team members act as subject matter experts in support of the ongoing IDAM Change programmes. Due to the nature of the team, we require candidates to also have a people management background or experience of directly leading a team.
In this role you will:
- Work with the IDAM Product Owner(s) for the intake of new requests and handle the teams’ backlog, resolving any potential blockers.
- Contribute to coaching team members in the Agile framework, guiding the team to increased scrum maturity.
- Support IDAM Tribe leadership in developing and maturing the Agile ways of working in each Squad.
- Support resolving conflicting project resource demands whilst ensuring the continued delivery of core controls.
- Facilitate Agile ceremonies including sprint planning, stand-ups, sprint reviews and retrospectives and prepare for participation in Quarterly Planning.
You will bring:
- Proficient understanding and application of Agile principles – using agile values, principles and practices to plan and manage workload.
- Excellent communication and interpersonal skills to enable training and mentoring of team members to enable efficiency and align with Agile best practice.
- Good problem-solving skills, able to negotiate to remove obstacles or overcome conflicts.
- Must have strong skills and experience with using Agile working tools (i.e. Jira, Confluence, Azure DevOps, or similar).
- Certified Scrum Master
About the Team
IT Risk & Control Governance Lead
- Location: Cracow (hybrid), Poland
IT Risk & Control Governance Lead
Division: CISO
As a global critical financial infrastructure, the protection of Euroclear information and assets is fundamental to the company’s business. Security is at the core of our services, firmly embedded in the management systems and processes of the company. You will be joining our CISO division in charge of putting in place the required controls to adequately and effectively protect our information assets.
Our part of the deal
Due to the central position of Euroclear in the financial industry and the growing regulatory pressure, risks and controls are at the core of our business and day-to-day activities. We offer you a key position providing you with the opportunity to develop your soft skills and working relationships at different levels of the organization as well as core competencies in the domain of risks and controls.
You will join a stimulating international team supporting all Euroclear group entities, allowing you to grow your understanding and develop transversal knowledge of IT, Security and business services across the group.
You will play an active role in developing the Continuous Assurance & Compliance team.
You will develop a network at various levels of the organization through field work, cross-divisional collaboration and contacts with senior stakeholders in the company, both in IT and with Risk Management and Internal Audit. This will bring you exciting career evolution opportunities in the assurance function as well as in the first, second or third line of defence.
Your day-to-day responsibilities will include:
- Ensure ‘end-to-end’ management of risks by identifying IT, information security or cyber risks or deficiencies
- Ensure root cause issues and risks are structurally remediated through sustainable controls, and ensure reduce risk exposure through increased control maturity
- Ensure risk exposure is in line with the risk appetite of the firm
- Ensure regulatory compliance is evidenced
- Ensure accountability, ownership and risk culture is embed within first line
Within the context of the overall Enterprise Risk Management (ERM) framework, the IT and Cyber Risk team provides a strong control environment based on internationally recognized controls that allows all IT, information security and cyber risks to be continually identified, assessed, monitored, and mitigated (or accepted).
The IT and Cyber Risk team comprises several sub-teams:
- IT and Security Risk Management
- Policies and Controls
- Continuous Control Assurance
- Security Risk Assessments
- Regulatory and Customer Compliance Assessments
- Customer and Third-Party Risk
The IT and Security Risk Management team has two main responsibilities:
- Issue and Risk management
- IT Risk Culture
Responsibilities
- Supporting the IT division in risk identification, analysis, response and monitoring.
- Produce regular reporting and ensure that is accurate and of high quality.
- Support the various IT departments in providing the appropriate evidencing upon closure of the mitigating actions and related issues.
- Upon need, attend the various teams’ meetings to be informed about their activities and issues.
- Participating to the decision-making process to ensure adequate response to identified risks.
- Support risk assessment on identified risk and support the search for appropriate mitigating actions to ensure we remain within our risk appetite.
- Work closely with Risk management and IA to ensure that regulatory issues are addressed in due time.
- Taking initiatives to document and communicate intensively to further increased risk and control awareness, knowledge and expertise.
Skills
- Extensive knowledge in security and/or IT risk management.
- Excellent interpersonal and Influencing skills with ability to establish credibility and strong partnership with senior business stakeholders.
- Experience with dealing with regulatory compliance issues as well as best practices in security
- Strong analytical skills, including data analytics and proven ability to identify control issues and process improvements.
- Ability to multi-task, prioritise and thrive in a fast paced and evolving environment.
- Strong organization, prioritization management, coordination, reporting and communication
- Knowledge of financial markets, FMIs and CSD operations is an advantage
- Experience within complex international and multinational organisation is an advantage
- Knowledge of control frameworks, e.g. ISO 27000, NIST, CIS-18, COBIT-5 is an advantage
- Any technical certification, such as CISA, CISM, CISSP, CRISC is an advantage
- English and French are needed
- Experience in reporting will be a plus
About the Team
SailPoint IIQ Engineer
- Location: Cracow (hybrid), Poland
Division : CISO
You will be part of the Identity and Access Management team (within CISO). IDAM is in charge of implementing, operating and managing all the accesses from, to or within the Euroclear IT infrastructure. The main mission is to ensure that each individual has access to the right resources at the right time for the right reasons as well as to respond to the increasingly rigorous compliance requirements. The services covered by the teams include access management, user lifecycle management, privileged access management, recertification and security advisory services in the context of Identity and Access Management. You will be part of the IDAM Standards where the main mission is to support, help and educate our clients vs. access management related topics.
Role:
- Coordinates the activities of the Team in the D2D (planning, D2D, consolidate improvements, perform some analysis, track all the issues and report to our stakeholders to reduce errors and waste via standard reporting, expand our current service offering….)
- Provides administrative support on preparing accesses and material for the people joining IT (using SNOW, IAG/SailPoint/Staff DB)
- Supports the Staff Managers in this domain by proactively raising blocking factors and providing regular status report
- Ensures the appropriate follow-up and coordination
- Produces regular and/or ad hoc analysis of information relating to work processed
- May assist with other tasks such as statistics, SOPs, communication, best practices sharing…
- Look for opportunities to improve our process
Skills
- Appetite for People Management activities
- Very well organised as different tasks are required in preparing the first day at work of the newcomers in different tools and involving different stakeholders
- Client focus mindset as you will have to interact with Staff Managers to ensure a smooth on-boarding of their newcomers and with different stakeholders across the Company (2424, 4570, End-User On-Site Support, Access Management Services…..)
- Good communication skills in English
- Analytical skills as some situations may require further investigation and understand the root causes of any access issue
- Be risk minded as we should ensure people gets the right access for the right function and at the right time
- Not afraid to raise issues in a constructive mindset and propose solutions
- Ability to raise ideas to simplify and improve the current process be it SOPs, communication towards our internal clients….
- Creativity and open to look for alternatives to our current Service offering and tools/interfaces offered to our clients (moving forward we will extend our service to Movers and may contribute to the Leavers’ process)
- Appetite to new technologies used in Euroclear (Sharepoint…)
- Expertise in Sailpoint/IAG, DSA and SNOW ticketing systems and the Staff Db
- Previous experience in managing requests to prepare the on-boarding of newcomers from an access management point of view is a strong asset
- As a SailPoint Senior Engineer, you will be at the front lines with our clients supporting them with their Enterprise and Cloud Cyber Risk needs specifically helping them address IAM health and navigate the journey a common SailPoint/IGA solution for their business with ServiceNow as a frontend, integrating SailPoint with core systems like ServiceNow, CyberArk, Okta, Azure AD etc.,
- Master level expertise in SailPoint IIQ 8.x toolset. Especially, experience in integrating SailPoint IIQ with other critical applications within the organization.
- Deep knowledge and hands on technical experience with SailPoint suite including: Lifecycle Manager, Compliance Manager, Access Request, Automated Provisioning Password Management.
- Lead system integrations for both internal facing and external facing systems/applications with SailPoint IdentityIQ.
- Work with Application Teams to identify, aggregate and correlate Application/System User Accounts to Identity Cubes within SailPoint
- Development and configuration experience of SailPoint various modules (e.g. audit, compliance, lifecycle, service account)
- Design, Develop, Test and Troubleshoot Custom System/Application Connectors within SailPoint IdentityIQ
- Product expertise in IIQ and PowerShell coding
- Understanding of RBAC, Identity Policies, Identity Lifecycle automation and reporting, Password Policies, Separation of duties, User Provisioning and approval workflows in SailPoint IIQ.
- Ability to make source code level changes and has worked in a large multinational organization providing hands-on technical architecture services with J2EE development, Database, Java, Bean Shell/JavaScript, JSP/Servlets, SQL.
- Experience with Rest Web services, SAML 2.0, SailPoint IdentityIQ, OAuth, WS-Security, Public Key Infrastructure (PKI) and other authentication/authorization protocols.
- Excellent communication skills and extensive experience working with clients and partners.
- Expert level experience with IAM Protocols such as SCIM, Web services, WS-Fed, SAML, OpenID Connect and OAuth
- At least 7 years of Identity & Access Management (IAM) deployment and engineering experience required.
- 6-8+ years of progressive experience in software engineering, enterprise architecture/technology leadership across multiple products, systems and/or platforms coupled with strong business acumen.
- Proven experience architecting initial infrastructure, on-boarding of applications, role-based access controls, policy and password management, certifications, workflows, work items, rules and API developments.
- Lead system integrations for both internal facing and external facing systems/applications with SailPoint IdentityIQ
- Work with Application Teams to identify, aggregate and correlate Application/System User Accounts to Identity Cubes within SailPoint
- Development and configuration experience of SailPoint various modules (e.g. audit, compliance, lifecycle, service account)
- Design, Develop, Test and Troubleshoot Custom System/Application Connectors within SailPoint IdentityIQ.
- Prior experience working in Agile based model is preferred.
About the Team
Scrum Master PS PAM
- Location: Cracow (hybrid), Poland
Scrum Master PS PAM
Division: CISO
As a global financial market infrastructure, the protection of Euroclear information and assets is fundamental to the company’s business. Security is at the core of our services, firmly embedded in the management systems and processes of the company.
You will be joining CISO in the Identity and Access Management (IDAM) team. IDAM oversees implementing, operating and managing all the access from, to or within the Euroclear IT infrastructure. This helps to ensure that everyone has access to the right resources at the right time for the right reasons provided in a way which aligns to the increasingly meticulous compliance requirements Euroclear is subject to. Services covered by IDAM include access management, user lifecycle management, privileged access management and recertification, as well as providing delivery and advisory services.
The IDAM Operation function is responsible for the day-to-day running of the core IDAM services. Predominantly these covers run activity performed on CyberArk (for privileged access), SailPoint (for logical access) and ServiceNow (for general ITSM) but other cross-technology functions fall under Operations’ remit too. The Operations function liaises with all other IDAM functions, as well as with non-IDAM functions.
Through a clear model based on segregation of duties, we distinguish between first, second- and third-line activities. The PAM product support team is the team responsible for 2nd line activities ranging from incident management (both generic and functional accounts) to release in production of third line team activities.
In this role you will
- Manage a team of CyberArk engineers responsible for 2nd line activities in the PAM services
- Ensure end2end view on incoming demand versus delivered output
- Ensure accurate incident management (prioritization, documentation, root cause analysis, problem candidate detection, feedback provisioning towards both internal IDAM/external teams) and look for/help drive case avoidance
- Ensure a controlled and complete production release mechanism from accounts perspective
- Identify and drive forward continuous improvement where required to help grow a mature and fully flexible team
- Review team and individual performance and have regular 1to1 meetings and annual review meetings to address any identified issues
- Help centralize and remove impediments detected
- Manage business collaborators to ensure both client satisfaction as well as client education where required (to ensure client alignment to standard processes)
- Manage business customer day2day critical issues upon occurrence (and de-escalate where required)
- Ensure timely preparation & orchestration of required Agile ceremonies (quarterly planning, sprint planning, retrospectives, …)
- You will bring:
- Ideally, 2 to 4 years of experience with CyberArk
- Strong leadership skills to drive the teams to success.
- Strong organisational and orchestration skills
- The ability to (re)prioritize based on criticality and/or urgency when required (on hands and result oriented approach)
- Good communication skills as well as the ability to create good customer networks
- Embrace change and help drive the team towards the future desired end state
About the Team
Senior IT Business Analyst
- Location: Cracow (hybrid), Poland
Division CISO
As a global critical financial infrastructure, the protection of Euroclear information and assets is fundamental to the company’s’ business. Security is at the core of our services, firmly embedded in the management systems and processes of the company. You will be joining our Chief Information Security Office (CISO) in charge of putting in place the required controls to protect our information assets adequately and effectively.
Senior IT Business Analyst
Responsibilities
- Develops effective relationships with business units, divisions, or groups of users.
- Ensures required business services are identified, developed, and supported to the satisfaction of the business unit/division.
- Establishes domain specific business knowledge and acts as the main point of contact for business support.
- Acts as a liaison between IT development and design and the business units for the development and implementation of new systems and enhancement of existing systems
- Evaluates new applications against business functional and non-functional requirements.
- Evaluates new initiatives and evolving business requirements and recommends appropriate alternatives and/or enhancements to current business solutions and systems.
- Prepares communications and makes business presentations on business solutions and system enhancements and/or alternatives.
- Understands the business drivers behind operational, functional, tactical, or strategic initiatives/changes and the added value these bring to the organization. Reflects this in proposing expert business advises and counsels for the definition of business IT solutions to the IT clients.
- Leads requirements and process analysis for business cases and delivers options for viable business solutions.
- Demonstrates understanding of the external market and internal clients and can leverage this to propose solutions meeting the business needs of internal and external stakeholders.
Role
- Responsible for acting as the primary interface between IT teams and specific business/functional areas.
- May lead the business scope definition of projects, interacting with the sponsor / customer to determine the strategy for the proposal and evaluate the feasibility <Euroclear specific: for some roadmaps, this role is played by the Product Business Analysts, the Business Consultancy Authority providing support and validating the outcome>
- Is responsible for understanding and assessing a client’s business operations, identifying issues and opportunities, and recommending appropriate business solutions. Ensures proper translation of business requirements and business processes into structured requirements documentation <Euroclear specific: HLBR, DBR> that satisfy the client’s constraints and objectives.
- Elicits business functional and non-functional requirements and create business process diagrams using the enterprise standard methodologies.
- Facilitates the implementation and deployment of system changes to internal and external stakeholders by providing them with support, advice and guidance throughout the whole project life cycle.
- Is the guardian, on behalf of the sponsor, of the project business scope and has the responsibility to highlight and control <Euroclear specific – through the Change Request process> deviations from that scope.
- Supports IT colleagues through the whole project development process, including the testing and deployment phases.
- This job requires a good knowledge and understanding of company business operations, high analysis capability, and a thorough understanding of the IT development and implementation process, this gained on more than one significant business change project.
- Incumbents are expert of the requirement elicitation and business analysis techniques and methodologies. They identify and apply best practice in their analysis and in leading the analysis of others.
- May lead a small team of business analysts in progressing business cases or analysis for projects.
- Contributes to the development of business cases and performs risks and impacts analysis, thereby engaging a wide range of stakeholders within business and IT. Persuades senior managers of the benefits of change in situation where there is resistance, and likely disruption to business.
- Works and thinks at a high level with experience in a specific functional business environment and related IT systems.
- Mainly focuses on business requirements and process analysis as well as implementation of changes regarding existing business processes and related IT solutions, but also provides support to the development of business cases and new initiatives.
Required Skills and Qualifications:
- 5+ year of experience as Business/Technical Analyst to be able to produce the required work products (or similar)
- Excellent communication skills (listening, writing, and presenting) at all levels, from team members to senior management level.
- Strong negotiation and conflict management skills
- Critical thinking skills (evaluate multiple options to settle on a solution)
- Flexibility to quickly adapt in case of unexpected change of priority.
- Capacity to work autonomously and in close team collaboration.
- Understanding of agile methodology and ability to work in an agile environment.
- Good learning skills
- Fluent in English (all communication channels)
Preferred Skills and Qualifications:
- Working knowledge of PAM (Privileged Access Management) and LAM (Logical Access Management)
- Understanding of CyberArk modules like AAM (Application Access Manager)
- Scrum Master Skills
- Experience on technical projects (To understand and build requirements around tools or technology implementation)
- Experience in generating process documentation using Business Process Modelling Notation
- Experience with BPMN or UML tools.
About the Team
Test Lead
- Location: Cracow (hybrid), Poland
Division: Chief Information Security Office (CISO)
Role:
- Prepare the testing phase (High level):
- Define the test and launch strategy (at the EPIC and features levels) according to the specifics of each project, based on the requirements and applying a risk based approach
- Define test environment and data needs
- Prepare the testing phase (Detailed):
- Ensure that test plans and scripts are draw up, approved and in line with standards and IT strategy
- With the support of the Epic Delivery Owner, identify contributors for the testing phase
- Coordinate with users to plan user acceptance testing
- Coordinate the execution of the testing activities and ensure the delivery of the testing products within quality standards, and within Euroclear processes
- Validates the product design documentation to ensure that requirements stated are suitable for the testing activity, are unambiguous and are verifiable
- Ensure that test environment are ready and fit for purpose
- Ensure that data’s are available to run the tests cases
- Coordinate the test plan execution, in line with the defined strategy
- Coordinate the end users during user acceptance testing
- Monitor, measure, control and report on the test progress & results
- Be the main reference point for problem critical issue
- Ensure that all tests are successfully completed and all problems are resolved
- Produce a test summary report before each launch
- Contribute to or manage the deployment preparation and execution for both Pre-Production and Production until the end of the warranty period
- Participate to the Go/No Go meeting
- Contribute to the project delivery
- Participate to project meetings
- Update (on a regular basis) the progress reporting on the testing and be an active stakeholder when the test failed
- Contribute to the “Go/No Go meeting” material
Skills
To strengthen our team, we are looking for a candidate with experience in the following areas:
- Good knowledge of system and software development and testing guidelines;
Our IT solutions refer to cloud and on-premises solutions including mainframe and virtual or physical distributed systems; Agile is our current development methodology. - Minimum 5 years of experience as test lead, including a deep understanding of various testing methodologies. Proficiency in different types of testing, such as functional, performance, security, and user acceptance testing.
This experience must incl. minimum 2 years for very complex projects. - Ability to create comprehensive test plans, evaluate risks, and devise test strategies, meaning a strong analytical skills to identify potential vulnerabilities and define appropriate test coverage for optimal defect identification.
- Good understanding of various information security and cyber domains particularly identity and access management, certificate management, network security and data protection;
- Ability to build clear and concise material supporting decision making;
- Knowing that we are in an evolutive environment, ability to suggest process evolvement and ability to convince on the added value of your proposal.
- Team player with strong communication skills, collaborative spirit, being able to discuss with both business people as with deep technical IT experts;
- Problem-solving skills to analyze data, investigate root causes, and propose innovative solutions
- Independent, service-oriented, well-structured and organized.
- Able to operate within an international/multi-cultural, networked environment.
- Fluent in English (speaking and writing).
About the Team
Threat Detection Engineer - Splunk Developer
- Location: Cracow (hybrid), Poland
Division: Chief Information Security Office (CISO)
Role:
- Interact with the different customers to capture and define requirements for the development and testing of the threat detection capabilities
- Cooperate with log source onboarding team to assure correct log source onboarding and log mapping to data models according to Splunk standard processes
- The development and tuning and continuous improvement of correlation rules
- Develop and maintain dashboards, reports, and alerts
- Create Splunk Knowledge Objects to address customers needs in context of using Splunk as security tool
- Prepare correlation search tests, conduct tests, and document evidence from test that shows correlation search addresses scenario described in use case
- Responsible for the creation of procedures, high-level/low-level documentation, implementation of processes and development of staff in relation to SIEM detection logic
- Coach a team (from a technical perspective); review work outputs and provide quality assurance
- Analyses and identifies areas of improvement with existing processes, procedures, and documentation
- Demonstrates how to use SIEM & Enterprise Security products to both technical/non-technical personnel
- Provides expert technical advice and counsel in the design, monitoring and improvement of SIEM security systems
- Prioritize and coordinate backlog of threat detection requests, making sure we have a healthy balance between defect resolution and new features
Qualifications:
Technical Skills:
- In depth experience in development and maintenance of SIEM use cases
- Fluent in Splunk’s search processing language (SPL)
- Excellent knowledge of Splunk Enterprise and Splunk Enterprise Security
- Sound knowledge about Splunk Common Information Model and log normalization using Data Models
- Solid understanding of cybersecurity technologies, protocols, and applications
- Excellent English communication skills (written and oral)!
Nice to have:
- Splunk Core Certified (Advanced) Power User (crucial)
- Splunk Certified Developer (nice to have)
- Splunk Enterprise Certified Admin (nice to have)
- Splunk Enterprise Security Certified Admin (nice to have)
- Any other Security Certifications (e.g. CEH, GIAC, CISSP, OSCP …)
Soft Skills:
- Strong analytical skills to evaluate sophisticated multivariate problems and find a systematic approach to gain a quick resolution, often under stress
- Strong problem solving, documentation, process execution, time management and organizational skills.
- Ability to communicate sophisticated information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means
- Fast and independent learner, with ambition to self-improve
- At ease in a fast-changing environment, flexible and pragmatic, open-minded
- Accurate, acting with attention to details
- Client focus and delivery oriented
- A team-focused mentality with ability to work & collaborate effectively in a team environment
- Good leadership and communication skills, whether on the field, in the team or with management: you are a keen standout colleague and coordinate work among people from different areas or divisions. A good relationship builder with strong diplomacy skills
- Ability to work autonomously
About the Team
Threat Detection Engineer - Splunk Developer
Division: CISO
Cyber Defense Center is part of the Chief Information Security Officer Office. The main responsibility of the team is to reduce the risk of Euroclear cyber threat surface by monitoring for malicious intent targeted at Euroclear’s services, it’s supporting assets and people. We do this through the Cyber Threat Management (CTM) capabilities, Security Operations Centre (SOC) which includes monitoring (Tier 1 & Tier 2) and Cyber Incident & Response Team (CIRT; Tier 3), Detection & Response Engineering Team (D&R Eng.), and Compliance and Assurance Team (C&A). This includes cyber threat intelligence, brand and digital footprint monitoring, security incident and event monitoring, cyber analytics, incident management and forensic analysis.
CDC supports capabilities within the security domain and acts as subject matter expert across all divisions in the company as well as interacts with external stake holders, including customers, oversight bodies, threat intelligence providers, and third parties.
The Detection & Response Engineering team is comprised of –
- Detection Engineers/Splunk Developers – who implement and maintain threat detections capabilities.
- SOAR developers – who develop response capabilities via playbooks, automation etc.
Role
Candidates in this role are responsible for the development and maintenance of correlation searches and dashboards on the SIEM (Splunk ES) platform.
Candidates will report to the Manager of Detection & Response Engineering and will work jointly with threat intelligence, design, engineering, and response teams, to gather and define requirements, specify clear priorities, evaluate technical tradeoffs, and build and maintain threat detection capabilities.
The candidates’ main responsibilities will be to:
- Interact with the different stakeholders to gatherand define requirements for the development and testing of threat detection capabilities.
- Cooperate with log source onboarding team to assure correct log source onboarding and log mapping to data models according to Splunk best practices.
- The development and tuning and continuous improvement of correlation rules.
- Develop and maintain dashboards, reports, and alerts.
- Create Splunk Knowledge Objects to address stakeholders needs in context of using Splunk as security tool.
- Prepare correlation search tests, conduct tests, and document evidence from test that shows correlation search addresses scenario described in use case.
- Responsible for the creation of procedures, high-level/low-level documentation, implementation of processes and development of staff in relation to SIEM detection logic
- Coach a team (from a technical perspective); review work outputs and provide quality assurance.
- Analyses and identifies areas of improvement with existing processes, procedures, and documentation.
- Demonstrates how to use SIEM & Enterprise Security products to both technical/non-technical personnel.
- Provides expert technical advice and counsel in the design, monitoring and improvement of SIEM security systems.
- Prioritize and coordinate backlog of threat detection requests, making sure we have a healthy balance between defect resolution and new features.
Qualifications
Technical Skills
- In depth experience in development and maintenance of SIEM use cases
- Fluent in Splunk’s search processing language (SPL)
- Excellent knowledge of Splunk Enterprise and Splunk Enterprise Security
- Sound knowledge about Splunk Common Information Model (CIM) and log normalization using Data Models
- Strong understanding of cybersecurity technologies, protocols, and applications
- Excellent English communication skills (written and oral)
Assets
- Splunk Core Certified (Advanced)Power User (essential)
- Splunk Certified Developer (nice to have)
- Splunk Enterprise Certified Admin (nice to have)
- Splunk Enterprise Security Certified Admin (nice to have)
- Any other Security Certifications (e.g. CEH, GIAC, CISSP, OSCP …)
Soft Skills
- Strong analytical skills to evaluate complex multivariate problems and find a systematic approach to gain a quick resolution, often under stress.
- Strong problem solving, documentation, process execution, time management and organizational skills.
- Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
- Fast and independent learner, with ambition to self-improve.
- At ease in a fast-changing environment, flexible and pragmatic, open-minded
- Accurate, acting with attention to details.
- Client focus and delivery oriented
- A team-focused mentality with ability to work & collaborate effectively in a team environment.
- Good leadership and communication skills, whether on the field, in the team or with management: you are a keen team player and coordinate work amongst people from different areas or divisions. A good relationship builder with strong diplomacy skills
- Able to work autonomously.
About the Team
Apply Here
Threat Detection Engineer - Splunk Developer
- Location: Cracow (hybrid), Poland
Division: CISO
Cyber Defense Center is part of the Chief Information Security Officer Office. The main responsibility of the team is to reduce the risk of Euroclear cyber threat surface by monitoring for malicious intent targeted at Euroclear’s services, it’s supporting assets and people. We do this through the Cyber Threat Management (CTM) capabilities, Security Operations Centre (SOC) which includes monitoring (Tier 1 & Tier 2) and Cyber Incident & Response Team (CIRT; Tier 3), Detection & Response Engineering Team (D&R Eng.), and Compliance and Assurance Team (C&A). This includes cyber threat intelligence, brand and digital footprint monitoring, security incident and event monitoring, cyber analytics, incident management and forensic analysis.
CDC supports capabilities within the security domain and acts as subject matter expert across all divisions in the company as well as interacts with external stake holders, including customers, oversight bodies, threat intelligence providers, and third parties.
The Detection & Response Engineering team is comprised of –
- Detection Engineers/Splunk Developers – who implement and maintain threat detections capabilities.
- SOAR developers – who develop response capabilities via playbooks, automation etc.
Role
Candidates in this role are responsible for the development and maintenance of correlation searches and dashboards on the SIEM (Splunk ES) platform.
Candidates will report to the Manager of Detection & Response Engineering and will work jointly with threat intelligence, design, engineering, and response teams, to gather and define requirements, specify clear priorities, evaluate technical tradeoffs, and build and maintain threat detection capabilities.
The candidates’ main responsibilities will be to:
- Interact with the different stakeholders to gatherand define requirements for the development and testing of threat detection capabilities.
- Cooperate with log source onboarding team to assure correct log source onboarding and log mapping to data models according to Splunk best practices.
- The development and tuning and continuous improvement of correlation rules.
- Develop and maintain dashboards, reports, and alerts.
- Create Splunk Knowledge Objects to address stakeholders needs in context of using Splunk as security tool.
- Prepare correlation search tests, conduct tests, and document evidence from test that shows correlation search addresses scenario described in use case.
- Responsible for the creation of procedures, high-level/low-level documentation, implementation of processes and development of staff in relation to SIEM detection logic
- Coach a team (from a technical perspective); review work outputs and provide quality assurance.
- Analyses and identifies areas of improvement with existing processes, procedures, and documentation.
- Demonstrates how to use SIEM & Enterprise Security products to both technical/non-technical personnel.
- Provides expert technical advice and counsel in the design, monitoring and improvement of SIEM security systems.
- Prioritize and coordinate backlog of threat detection requests, making sure we have a healthy balance between defect resolution and new features.
Qualifications
Technical Skills
- In depth experience in development and maintenance of SIEM use cases
- Fluent in Splunk’s search processing language (SPL)
- Excellent knowledge of Splunk Enterprise and Splunk Enterprise Security
- Sound knowledge about Splunk Common Information Model (CIM) and log normalization using Data Models
- Strong understanding of cybersecurity technologies, protocols, and applications
- Excellent English communication skills (written and oral)
Assets
- Splunk Core Certified (Advanced)Power User (essential)
- Splunk Certified Developer (nice to have)
- Splunk Enterprise Certified Admin (nice to have)
- Splunk Enterprise Security Certified Admin (nice to have)
- Any other Security Certifications (e.g. CEH, GIAC, CISSP, OSCP …)
Soft Skills
- Strong analytical skills to evaluate complex multivariate problems and find a systematic approach to gain a quick resolution, often under stress.
- Strong problem solving, documentation, process execution, time management and organizational skills.
- Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
- Fast and independent learner, with ambition to self-improve.
- At ease in a fast-changing environment, flexible and pragmatic, open-minded
- Accurate, acting with attention to details.
- Client focus and delivery oriented
- A team-focused mentality with ability to work & collaborate effectively in a team environment.
- Good leadership and communication skills, whether on the field, in the team or with management: you are a keen team player and coordinate work amongst people from different areas or divisions. A good relationship builder with strong diplomacy skills
- Able to work autonomously.
About the Team