Mission Context
Our client is looking for an Application Security Engineer to join the fast-evolving field of distributed (Java/mobile) development technologies and tools. You will be part of the Application Security & Vulnerability Management team and play a critical role in ensuring the security of applications developed within IT.
Major Responsibilities
● Manage requests from squads through Jira tickets related to setting up security tools and configurations managed by our team
● Perform code reviews on applications developed within IT, utilizing security tooling (e.g., SAST).
● Proactively support and assist IT development squads in adopting secure development practices and SecDevOps.
● Prepare and conduct training sessions on security-related topics, including common coding mistakes.
● Coach squads on how to effectively use various security tool
● Manage the technical infrastructure supporting automatic code reviews and open-source library evaluations.
● Maintain and ensure compliance with security and applied policies.
● Follow up on and report the execution of security evaluations.
● Keep development guidelines up to date.
● Review defects and vulnerabilities and ensure their proper resolution.
● Take on a leadership role as an application security expert in implementing projects or
changes within the team’s scope.
Minor Responsibilities
● Manage security issues: Detect, report, and closely follow up on any security problems.
● Support IT developers in finding solutions for security risks and incident
● Provide input for new security measures, including detection mechanisms.
● Occasionally write scripts for internal tooling, though coding is not a major part of the
role.
Personal Ambition: Your goal is to grow your expertise in application security, becoming a seasoned application security expert over the next 3-5 years.
Language Requirements
● English: Very good knowledge (an absolute must)
● Dutch/French: Desirable but not mandatory.
Required Experience & Knowledge
● Proven experience in application development, and keeping up-to-date with current
evolutions in the application development domain.
● Strong interest in application security and a desire to specialize in this area over the next
few years.
● Solid understanding of the software development lifecycle in an Agile environment, as well as DevOps processes.
● Good understanding of security checks to be applied at different stages of the software development lifecycle.
Technical Experience (Mandatory)
● Up-to-date knowledge on recent developments in software development technologies, including programming languages, standard tools, and platforms (e.g., Jenkins, Gitlab, Maven, Docker, etc.).
● Expertise in application security, with an interest in penetration testing and initial experience.
● Knowledgeable in network security.
● Understanding of the challenges related to mobile application development and testing.
Business Experience (Preferred)
● While no specific business experience is required, experience in environments with high information security requirements (e.g., banking, pharma, aviation, nuclear, military) is a plus.