Cyber Security Specialist

Cboe Digital • Full-time • Amsterdam, NL • 1d ago

Job Description

At CboeClear Europe, we inspire our people to solve complex challenges together because what we do matters. We provide the financial infrastructure that powers the global economy. As a leading provider of market infrastructure and tradable products, Cboe delivers cutting-edge trading, clearing and investment solutions to market participants around the world.

We’re building inclusive ways to support professional and personal developmentwhile strengthening the trust we’ve earned as a global market leader. Our teams are empowered to share ideas, actively pursue them and bring on a challenge. As champions of internal mobility and access toopportunity, we encourage our people to “go for it” and equip our managers with the training to coach their teams to the next level. Our Associate Resource Groups champion diversity, equity and inclusion, giving associates a safe space to network, share ideas and create opportunities.

Sound like the place for you? Join us!

Cboe Clear Europe is hiring for Cyber Security Specialist

As a Security Specialist you play a crucial role in securing our IT infrastructure landscape. You ensure that security is constantly improving, amidst IT transformations such as our journey to the cloud, the implementation of DevOps and an Agile way of working.

Thisrole will give you exposure to both legacy and cutting-edge technologies and work across both Infrastructure, Web, and Cloud.You will be responsible forsecurity implementations, delivering high-quality services and solutions across all infrastructure and application development platforms. You will perform design reviews of new applications, products, and services to identify potential risks and recommend appropriate mitigations, design approach including the design of the appropriate security testing.

In this role you’llbe responsible for:

Designing and implementing robust security solutions to protect IT infrastructure and Cloud integrations.
Participating in infrastructure design reviews and threat modelling sessions, promoting best infrastructure practices.
Incorporating Generative AI features in design and managing risks.
Delivering and integrating security tooling into DevOps delivery pipelines.
Delivering and performing design reviews of new applications, products, and services to identify potential risks and recommend appropriate mitigations.
Performing security assessments, testing, and manual code reviews of applications.
Conducting post-incident root-cause analysis and developing strategies to prevent recurrence.
Creating technical security standards for relevant technologies.
Assisting with the development and delivery of Cboe Clear Europe’s application security strategy.
Monitoring and driving application security compliance during the project lifecycle.
Working with stakeholders to implement security solutions and initiatives addressing new vulnerabilities.
Delivering technical aspects through planning, designing, and building for project and compliance security testing.
Developing solutions to secure architecture requirements and standards.
Engaging across multiple functions on a global level to ensure code development lifecycles are in place and application verification is driven through all application development programs.
Ensuring accurate delivery progress reporting is completed and communicated to relevant stakeholders.
Implementing and reviewing security controls on other layers of infrastructure, including applications within Kubernetes clusters, service virtual machines, and SaaS.

The ideal candidate has:

At least 9+ years of experience in the IT security / network / infrastructure field and4+ years of hands-on experience in information security
A strong understanding of DevOps principles and how security controls can be effectively integrated into DevOps pipelines
Knowledge of security aspects of various technologies, including security tooling, authentication/authorization technologies (e.g., OAuth, SAML), and common technologies used to deliver and support applications (e.g., Linux, Windows, databases, load balancers, firewalls, IDS, EDR)
Familiarity with common application-related compliance requirements (e.g., GDPR, EMIR, DORA)
Experience in analysing, assessing, and resolving complex technology requirements, problems, and issues
Strong written and verbal communication skills, with the ability to form strong business relationships across multiple locations and create management reporting to convey operational metrics, trends, or other key information
Demonstrated strong influencing and persuading skills, encouraging colleagues and teams to change established processes, achieve improvements, and best practices
A bachelor’s degree in cyber security, network/security engineering, computer science, MIS, CIS, or a related field, or extensive relevant work experience
Certification in any of the following is preferred: CISSP, CISM, CISA, CCSP, or equivalent.

You’ll really stand out with:

Previous work with a Fin-Tech company is preferred but not required
Additional security industry training such as SANS or Offensive Security preferred
Knowledge of information security concepts and technologies, including cyber risk, third party risk, and security governance
Knowledge of a wide range of security/risk management frameworks like NIST, CIS etc.
Cloud security with a special focus on hybrid cloud environments
Experience with IS documentation, -report writing, reviewing and consulting
Stakeholder management skills, especially in a multi-cultural and international environment.

Benefits and Perks

We value the total wellbeing of our people – including health, financial, personal and social wellness. We believe standard benefits like health insurance and fair pay area given at any organization. Still, you should know we offer:

Fair and competitive salary and incentive compensation packages with an upside for overachievement
Cboe offer pension contributions up to 7% of base salary
Enhanced paid parental leave to support parents
Employee Assistance Plan to help employees deal with personal problems that might adversely impact their work performance, health and well-being. This service includes short- term counselling and referral services for employees and their immediate family
Corporate Gym Membership which provides discounted access to gyms, health sport and wellness clubs ofdifferent fitness genres across the Netherlands. (taxable benefit)
25 days holiday per year per holiday year for full time employees, increasing with length of service at a rate of one extra day per completed years’ service, up to a maximum of 30 days
Flexible, hybrid work environment, where you choose where and how you work (2/3 days per week in office)
Discounted Employee Stock Purchase Plan
Employee referral bonus program
Complimentary lunch, snacks and drinks in any Cboe office
Paid tuition assistance and education opportunities
Generous charitable giving company match
Volunteer opportunities to help you give back to your communities.

More About CboeClear Europe

We’re reimagining the future of the workplace by focusing on what matters most, our people. Our journey is an inclusiveone. We’re investing deeply in leadership programs and career developmentinitiatives that ensure everyone has an equal chance to succeed. We celebrate thediversityinourcommunities,insideandout, and welcome new perspectives withequity,inclusionandbelonging.

Weworkwithpurpose,solvingproblemswithingenuity,collaboration,andalot of passion. We’re an engaged and excited team connecting markets acrossborders andembracinggrowthinallitsformstoachieveincredible outcomes.

Learn more about life at Cboe on our website and LinkedIn.

Equal Employment Opportunity

We're proud to be an equal opportunity employer - and celebrate our associates' differences, including race, religion, sex, sexual orientation, gender identity, national origin, age and disability

#LI-CP1

Any communication from Cboe regarding this position will only come from a Cboe recruiter who has a @cboe.com email or via LinkedIn Recruiter. Cboe does not use any otherthird party communication tools for recruiting purposes.