Expert in Secure Development – Brussels, Belgium

Introduction

A job where you can deploy your skills as Expert in Secure Development in an international environment, that is what WESTPOLE offers you.

Organization

Belgium – International Organisations

Function

As anExpert in Secure Development you will have to :

  • Contribute to the design of the overall application security.
  • Define security requirements and derive technical actions targetingthe application components and the code base.
  • Analyse SAST and DAST findings (initial triage with the team),performing code review of implemented corrections.
  • Draft documentation such as architecture design descriptions,assessment reports and configuration descriptions.
  • Take an active part in developing and improving the applicationsecurity, and have it understood and implemented by the team.
  • Analyse risks and security policy requirements and propose actions.
  • Vulnerability testing definition of corrective actions.
  • Categorize events, incidents and vulnerabilities based on relevance,exposure and impact.
  • Advance security enhancements in DevSecOps processes.
  • Provide security training and education.
  • Draft security programmes, security plans and proposeimplementation actions.
  • Animate the Security Champions community

Requirements

  • Experience with ISO 27000 family of standards or equivalent securitystandards implementation.
  • Knowledge of ITSRM2 is a plus.
  • Excellent knowledge of application security.
  • Experience in the security aspect of software development (i.e.: authenticationwith open id connect
  • SAML or CAS, secure rest or web services, encryption with PKI,authorisation, secrets management).
  • Experience with secure IT development patterns.
  • Experience in the security domain
  • Understanding of risk assessments
  • Experience in penetration testing and ethical hacking (i.e.: usage of tools likeMetasploit, Burpsuite or equivalent).
  • Experience with security test tools (i.e.: Fortify or equivalent) and web sitevulnerability scans.
  • Good understanding of the 3rd party dependency security (libraries, containerand VM images).
  • Knowledge of OWASP.
  • Proven experience in Information Systems Development and InformationSystems Security, preferably for Java EE technology (at minimumunderstanding the code and architectural blueprints, however hands-onprogramming experience is a plus
  • Knowledge of Agile methodology
  • Due to the particular nature of a large international organisation such as theEuropean Commission, candidates should also have the following nonu0002technical skills:
  • Autonomous and rapid self-starting capability.
  • Strong organisational and time-management skills.
  • Strong team spirit.
  • Ability to apply high quality standards.
  • Capability of integration in an international/multi-cultural environment.
  • Ability to participate in multi-lingual meetings.
  • Ability to understand, speak and write English (B2 level)
  • Proactive attitude, communicative (e.g., good listener) and customer-oriented

Information

Our values

We do not only have a set of value that guide our daily choices, but they are really embedded in our DNA. We call it WESTPOLE MENTALITY. Our culture respects individuality and growth for each employee, and if you join our family you will be in contact every day with our values, which represent the way we face our daily challenges.