Security Analyst

Security Analyst

You must be based in Belgium to be considered for this role, no candidates living outside of Belgium will be considered.

Job type: Freelance contract (self employed)

Location: Brussels (hybrid 6-8 days peer month onsite)

Duration: 12 months (scope for extension)

Role Overview

We are seeking an experienced Security Analyst to support a banking organisation in Belgium on a full-time freelance basis. This role requires a hands-on security professional who is comfortable independently conducting risk assessments and threat assessments, translating findings into actionable security improvements, and working closely with technology and business stakeholders.

This is not a purely advisory or oversight role — the successful candidate will be expected to personally perform assessments, analyse systems and processes in depth, and contribute directly to strengthening the bank’s security posture.

Key Responsibilities

• Conduct hands-on security risk assessments across applications, infrastructure, cloud environments, and business processes.
• Perform threat assessments and threat modelling, identifying attack vectors, vulnerabilities, and potential business impacts.
• Analyse security risks related to financial systems, sensitive data, and regulated banking environments.
• Document findings clearly, including risk ratings, threat scenarios, and practical mitigation recommendations.
• Work closely with engineering, infrastructure, cloud, and business teams to validate risks and agree on remediation actions.
• Support security reviews of new initiatives, system changes, and third-party integrations.
• Contribute to improving security standards, controls, and assessment methodologies within the organisation.
• Ensure alignment with relevant banking regulations, internal security policies, and industry best practices.

Required Experience & Skills

• Proven experience as a Security Analyst, Information Security Analyst, or similar role within banking or financial services.
• Strong, demonstrable experience conducting risk assessments and threat assessments hands-on (not purely coordinating or reviewing others’ work).
• Solid understanding of:
• Information security principles (confidentiality, integrity, availability)
• Threat modelling methodologies and risk frameworks
• Common attack vectors and vulnerabilities in enterprise and cloud environments
• Experience working in regulated environments, ideally within a bank or financial institution.
• Ability to communicate complex security risks clearly to both technical and non-technical stakeholders.
• Comfortable working autonomously as a freelance contractor in a fast-paced environment.

Nice to Have

• Familiarity with financial regulations and standards (e.g. ISO 27001, NIST, EBA guidelines, PCI DSS).
• Experience assessing cloud-based architectures (AWS, Azure, or GCP).
• Background in application security, infrastructure security, or third-party risk.
• Experience working in hybrid or multi-country European banking environments.