Security Analyst
Security Analyst
You must be based in France to be considered for this role, candidates not living in France will not be considered.
Job type: Freelance contract (self employed)
Location: Paris (hybrid 6-8 days peer month onsite)
Duration: 12 months (scope for extension)
Role Overview
We are seeking an experienced Security Analyst to support a banking organisation in Belgium on a full-time freelance basis. This role requires a hands‑on security professional who is comfortable independently conducting risk assessments and threat assessments, translating findings into actionable security improvements, and working closely with technology and business stakeholders. This is not a purely advisory or oversight role — the successful candidate will be expected to personally perform assessments, analyse systems and processes in depth, and contribute directly to strengthening the bank’s security posture.
Key Responsibilities
- Conduct hands‑on security risk assessments across applications, infrastructure, cloud environments, and business processes.
- Perform threat assessments and threat modelling, identifying attack vectors, vulnerabilities, and potential business impacts.
- Analyse security risks related to financial systems, sensitive data, and regulated banking environments.
- Document findings clearly, including risk ratings, threat scenarios, and practical mitigation recommendations.
- Work closely with engineering, infrastructure, cloud, and business teams to validate risks and agree on remediation actions.
- Support security reviews of new initiatives, system changes, and third‑party integrations.
- Contribute to improving security standards, controls, and assessment methodologies within the organisation.
- Ensure alignment with relevant banking regulations, internal security policies, and industry best practices.
Required Experience & Skills
- Proven experience as a Security Analyst, Information Security Analyst, or similar role within banking or financial services.
- Strong, demonstrable experience conducting risk assessments and threat assessments hands‑on (not purely coordinating or reviewing others’ work).
- Solid understanding of:
- Information security principles (confidentiality, integrity, availability)
- Threat modelling methodologies and risk frameworks
- Common attack vectors and vulnerabilities in enterprise and cloud environments
- Experience working in regulated environments, ideally within a bank or financial institution.
- Ability to communicate complex security risks clearly to both technical and non‑technical stakeholders.
- Comfortable working autonomously as a freelance contractor in a fast‑paced environment.
Nice to Have
- Familiarity with financial regulations and standards (e.g. ISO 27001, NIST, EBA guidelines, PCI DSS).
- Experience assessing cloud‑based architectures (AWS, Azure, or GCP).
- Background in application security, infrastructure security, or third‑party risk.
- Experience working in hybrid or multi‑country European banking environments.