Application Security Expert
Your Mission:
As a key member of the Information Security team for Oliver James' esteemed client, led by their CSO, you will play a critical role in ensuring the security of applications and platforms. You will collaborate closely with security colleagues, security and solutions architects, IT product teams, and business units to ensure robust security practices.
Key Responsibilities:
Security Monitoring:
- Collaborate with IT product and architecture teams to ensure platforms and applications follow best security practices throughout their lifecycle.
- Conduct technical design reviews and oversee code reviews (static and dynamic testing).
- Evaluate the security maturity of the software development lifecycle (SDLC).
- Oversee cloud security posture (Azure/AWS) in line with the client's security guidelines.
- Support the 3rd Party Security team to ensure third-party solutions comply with the client's security requirements.
- Provide risk-based security assessments (Go/No Go).
- Supervise network and encryption controls to protect applications.
- Maintain a comprehensive view of application/platform security with key risk indicators.
- Track vulnerabilities and remediation plans.
- Assist the Security Office, business lines, and IT teams in maintaining up-to-date views on application security risks and vulnerabilities, presenting clear management pathways.
Governance:
- Actively participate in defining, coordinating, and implementing the annual application security roadmap.
- Translate and implement Group security requirements to protect the application landscape.
- Contribute to new projects by defining, tracking, and implementing security requirements.
- Lead efforts to systematically improve the maturity and efficiency of application security processes and ISO 27K controls.
Awareness:
- Promote a security culture and train IT departments (Engineering, Operations) on security procedures and risks.
- Develop security guidelines for technologies such as .NET, Java, Python, Angular, etc.
Inventory Management:
- Actively participate in aligning application, cloud, and security inventories.
Your Profile:
Qualifications and Experience:
- Bachelor's or Master's degree in Computer Science, Information Systems, Information Security, or a related field.
- At least 3 years of experience in application security management (penetration testing, SAST, DAST, code review, vulnerability management).
- Strong knowledge of industry security frameworks and best practices (OWASP Top 10, ASVS, SANS, NIST).
- Understanding of secure software development lifecycle (SDLC) principles.
- Experience in secure application development with various languages/frameworks (.NET, Java, Python, Angular) is highly valued.
- Practical experience with infrastructure as code for cloud environments (AWS CloudFormation, Azure Resource Manager, Docker) is a plus.
- Familiarity with ISO27K and advanced PowerBI dashboard development is a plus.
General Skills:
- Strong team spirit and ability to work independently.
- Excellent problem-solving and analytical skills.
- Effective communication skills for both technical and management audiences.
- Fluent in English (spoken and written); knowledge of French and/or Dutch is an advantage.
About Oliver James' Esteemed Client:
Our client is a global leader not just in insurance and asset management but also in risk prevention and awareness. They are committed to fostering an inclusive and diverse environment. In Belgium, they are the market leader in non-life insurance, with over 3,000 dedicated employees working to become trusted partners to their 3 million customers.
Why Join Us?
Compensation and Benefits:
- Competitive salary with personal and collective bonuses, meal vouchers, and eco-cheques.
- Comprehensive insurance benefits, including collective insurance and hospitalization coverage (extended to household members at favorable rates), plus up to 30% discount on other insurance products.
- Generous leave policy with 35 days off per year, flexible work-from-home options, sports facilities, and ongoing training to keep you professionally, physically, and mentally fit.
