As a global critical financial infrastructure, the protection of Euroclear information and assets is fundamental to the company’s business. Security is at the core of our services, firmly embedded in the management systems and processes of the company.

As the Secure Configuration Product Owner, you will be joining the CISO - IT Risk team in charge of implementing, maintaining, and monitoring secure configuration standards across the organisation’s IT infrastructure. This role ensures that all technologies and configuration items are configured in accordance with security best practices and organisational policies, safeguarding against misconfiguration and minimising risk.

You will liaise and drive the various product owners across the end-to-end service, including:

• Governance
• CMDB
• TSBs and SharePoint inventory
• TSB Recertification Process
• Security Compliance Checking (SCC)
• Rapid7 Tooling
• Contract File Processing
• Compliance Dashboard
• Remediation Process

Every aspect of our business is supported by highly advanced technologies and a range of applications and platforms. The teams you will engage with will be comprised of resources drawn from CISO and various other IT and Business functions.

Your overall responsibility includes:

• Develop, document, and enforce the secure configuration standard, process guides and governance documents.
• Owning the secure configuration controls, providing evidence that the control has been met effectively.
• Oversee the review and updates of technical security baselines to ensure ongoing compliance with security requirements.
• Monitor configuration compliance using automated tools and manual checks and report any deviations or non-compliance.
• Conduct audits and assessments to identify non-compliance or security gaps in system configurations.
• Collaborate with IT Product Owners to remediate non-compliant settings and implement corrective actions.
• Provide training and guidance to staff on secure configuration practices and the importance of compliance.
• Maintain thorough records of configuration changes, audit results, and compliance activities.

Your Profile:

• Strong knowledge of IT security principles, including secure configuration frameworks (e.g., CIS benchmarks, NIST).
• Excellent analytical and problem-solving skills.
• You naturally have strong negotiation and conflict management skills, and you are able to influence different levels of management.
• You have excellent communication skills (listening, writing, and presenting) at all levels, from staff members to senior management level.
• You have a natural affinity with the technical domains.
• Attention to detail and commitment to maintaining high security standards.
• Proactive approach to identifying and mitigating risks.
• Strong organisational skills and the ability to manage multiple priorities.
• Relevant certifications (e.g. CISSP, CISM) are desirable.

Please note that this is a permanent position, and we do not offer freelance/contract arrangement for the role.

#LI-AK1