Security Analyst @ Greenomy in Fully Remote

Greenomy is expanding, join a fast-growing company at the sweet spot between technology and sustainable finance!

At Greenomy, our mission is to accelerate the global transition to a sustainable economy. Our advanced SaaS regulatory reporting platform empowers companies and financial institutions to generate the data needed to comply swiftly and efficiently with the new tide of sustainable finance regulations at European and global levels. Our technology therefore facilitates the redirection of funds towards sustainable activities, speeding up the transition to a low carbon economy in line with the EU Green Deal.

In order to sustain our rapid growth, we are looking for a highly motivated  Security Analyst to join our team.

How you will make an impact:

You will be part of the InfoSec team playing an active role in protecting the confidentiality, integrity, availability, and recoverability of information assets of Greenomy. Working in close collaboration with the CISO, you will be responsible for designing, creating, and maintaining the security systems within Greenomy’s IT network, including the computer systems and data as well as our SaaS platform..

If you enjoy taking ownership and are at ease in an entrepreneurial environment where change is the norm and many things are still to be built, then this is a great opportunity to leave your mark at the early stage of a fast-growing scale-up.

What we expect from you:

Security Operations:

• Enhances IT team competencies by planning the delivery of security solutions and answering technical security questions.
• Plans, researches, and designs security architecture for IT systems.
• Manage our outsourced SOC and coordinate actions with the service provider for managing and handling security alerts.
• Assist the CISO in the managing the security tools, implementing security parameters on the IT infrastructure; and providing technical security expertise.
• Responds to, and investigates, security incidents and provides thorough post-event analyses.
• Monitor the endpoint security solutions and ensure that all endpoint protection is up to date.
• Perform and follow-up on vulnerability scans, identifying and resolving critical security issues and follow-up on less critical findings within pre-defined timelines.

Application Security:

• Implementing secure SDLC, secure coding and security by design best practices.
• Conduct static and dynamic analysis (SAST/DAST) on a variety of code bases and platforms.
• Through standard enterprise tools, discover security vulnerabilities in web and mobile applications and provide recommended remediation steps to developers.
• Enforce smart CI/CD security tooling (SAST, dependencies checker).
• Identify vulnerability in the source code and design of our products.
• Fix vulnerabilities or support development team on fixing.
• Perform regular penetration testing campaigns on our products and follow-up remediation activities with the dev team.

What we are looking for:

• 5 years’ experience delivering information security and infrastructure security reviews, risk and vulnerability management, technical system security configuration review.
• Security qualification(s) such as CISSP, CISM, CEH, CISA, SSCP, ISO 27001, IT/ Computing Certifications (Cisco, Microsoft, Oracle, etc).
• Knowledge and application of information security frameworks and methodologies (e.g. NIST, ISO 27001, Data Protection, CIS Controls, OWASP) and other information security frameworks.
• Successful track record in working in complex environments and large complex projects.
• Advanced understanding of security protocols, cryptography, and security.
• Strong analytical and problem-solving skills.
• Knowledge of Agile process and principles.
• Customer service orientated with good problem solving and analytical skills and the ability to communicate effectively at all levels.

It’s an advantage if you have any of the following:

• Experience implementing multi-factor authentication.
• Experience implementing security solutions.
• A well developed, practical understanding of Google Workspace solution.
• A well developed, practical understanding of SaaS technologies.
• Competence in Project Management tools (MS Project, Asana, etc).
• Familiarity with Google suite, Notion and Slack.

What you can expect from us:

• Compensation package tailored to your skills and experience.
• A flexible and remote-friendly work environment.
• Opportunity to build your core skills internally and via external trainings.
• Regular team-building events.
• A fast-growing company with a sense of purpose operating in a highly innovative space.
• An entrepreneurial, international, and dynamic work environment.
• A complementary team with a balanced skill and seniority mix that will support you and help you perform.
• A strong recognition for your individual and collective contributions.
• A highly caring team that embraces diversity

More about Greenomy and our values:

Greenomy is a Brussels-based company founded in late 2020. Our partially remote team comprises passionate, diverse and complementary individuals from over 15 countries. We are fortunate to count on the trust and support of outstanding clients and strategic partners across Europe and beyond. We also have the backing of Euroclear, our first client who became our investor in February 2022. Our commitment to bringing innovative sustainability solutions to the market has been recognized on several occasions. Recent awards include “Best Sustainability Solution” at the 2022 SIBOS in Amsterdam and first place at the 2021 G20 Techsprint for Sustainable Finance solutions in Milan.

We believe our ambition can only become a reality with a strong team spirit, drive for purpose, and eagerness to learn. We feel a responsibility to create a safe space for everyone. We bring diversity and inclusion are at the top of our agenda. Last but not least, as a sustainability company, we need to walk the talk!

We are committed to creating an inclusive culture that celebrates diversity and strives to be a Great Place to Work for All. All qualified applicants will be considered for employment, regardless of any aspect that makes them unique (including race, religion, national origin, gender, sexual orientation, age, marital status, pregnancy, disability).