Our Client - Banking Sector
Mission Context
In the fast-evolving landscape of distributed (Java/Mobile) development technologies and tools, our client in the Banking Sector is seeking an Application Security Engineer to strengthen its Application Security & Vulnerability Management team.
Role & Responsibilities
As an Application Security Engineer, you will be responsible for ensuring secure application development by providing expertise, guidance, and oversight in application security practices. Your main responsibilities will include:
Major Responsibilities:
Security Tooling & Support:
Manage squad requests for setting up security tools via Jira tickets.
Conduct code reviews on internally developed applications using security tooling (SAST).
Provide proactive support and guidance to IT development squads in secure development (SecDevOps) adoption.
Deliver training sessions on security topics, including common coding vulnerabilities.
Coach development squads on effectively using security tools.
Infrastructure & Policy Management:
Oversee the technical infrastructure supporting automatic code reviews and open-source library evaluations.
Maintain and update security policies and compliance guidelines.
Track and report on the execution of security evaluations.
Keep development security guidelines up to date.
Review defects and vulnerabilities and ensure proper resolution.
Minor Responsibilities:
Security Issue Management:
Identify and report security risks to the relevant application owners and follow up on resolution.
Assist IT developers in identifying and resolving security risks and incidents.
Provide recommendations for new security measures, including detection mechanisms.
While this role does not involve extensive coding, a strong coding background is essential to support IT teams in enhancing the security of internally developed applications.
Growth & Career Development
Our client is looking for someone who aspires to grow into a seasoned Application Security Expert within the next 3-5 years.
Language Requirements
English - Very good knowledge (mandatory)
Dutch or French - Desirable but not mandatory
Education & Work Arrangement
Degree: Master's in Cyber Security, IT, or Engineering
Telework Expectation: 50% on-site & 50% remote
Required Experience & Knowledge
Must-Have Experience:
Strong background in application development and up-to-date knowledge of modern development trends.
Deep interest in application security with a goal to become an expert.
Understanding of Software Development Lifecycle (SDLC) and security controls at various stages.
Familiarity with Agile and DevOps methodologies.
Technical Skills (Mandatory):
Strong expertise in software development technologies (e.g., Jenkins, GitLab, Maven, Docker).
Solid understanding of application security principles and secure coding practices.
Interest and initial experience in penetration testing.
Knowledge of network security concepts.
Awareness of mobile application development & testing challenges.
Minimum 2 years of experience in application security.
Preferred Business Experience:
Prior experience in high-security industries (banking, pharma, aviation, nuclear, military, etc.) is a plus but not mandatory.
Soft Skills & Competencies
Team player with excellent collaboration skills.
Self-starter with a proactive and problem-solving mindset.
Strong ability to interact with diverse stakeholders (developers, architects, testers, business teams, management).
Willingness to stay updated on the latest security trends.
Quick learner with strong analytical and synthesis skills.
Excellent communication and influencing abilities.
High level of autonomy, commitment, and perseverance.
Ability to work in a multicultural and dynamic environment.
Assertive and result-oriented approach.
