A job where you can deploy your skills as Expert in Secure Development in an international environment, that is what WESTPOLE offers you.
Belgium – International Organisations
As anExpert in Secure Development you will have to :
- Contribute to the design of the overall application security.
- Define security requirements and derive technical actions targetingthe application components and the code base.
- Analyse SAST and DAST findings (initial triage with the team),performing code review of implemented corrections.
- Draft documentation such as architecture design descriptions,assessment reports and configuration descriptions.
- Take an active part in developing and improving the applicationsecurity, and have it understood and implemented by the team.
- Analyse risks and security policy requirements and propose actions.
- Vulnerability testing definition of corrective actions.
- Categorize events, incidents and vulnerabilities based on relevance,exposure and impact.
- Advance security enhancements in DevSecOps processes.
- Provide security training and education.
- Draft security programmes, security plans and proposeimplementation actions.
- Animate the Security Champions community
- Experience with ISO 27000 family of standards or equivalent securitystandards implementation.
- Knowledge of ITSRM2 is a plus.
- Excellent knowledge of application security.
- Experience in the security aspect of software development (i.e.: authenticationwith open id connect
- SAML or CAS, secure rest or web services, encryption with PKI,authorisation, secrets management).
- Experience with secure IT development patterns.
- Experience in the security domain
- Understanding of risk assessments
- Experience in penetration testing and ethical hacking (i.e.: usage of tools likeMetasploit, Burpsuite or equivalent).
- Experience with security test tools (i.e.: Fortify or equivalent) and web sitevulnerability scans.
- Good understanding of the 3rd party dependency security (libraries, containerand VM images).
- Knowledge of OWASP.
- Proven experience in Information Systems Development and InformationSystems Security, preferably for Java EE technology (at minimumunderstanding the code and architectural blueprints, however hands-onprogramming experience is a plus
- Knowledge of Agile methodology
- Due to the particular nature of a large international organisation such as theEuropean Commission, candidates should also have the following nonu0002technical skills:
- Autonomous and rapid self-starting capability.
- Strong organisational and time-management skills.
- Strong team spirit.
- Ability to apply high quality standards.
- Capability of integration in an international/multi-cultural environment.
- Ability to participate in multi-lingual meetings.
- Ability to understand, speak and write English (B2 level)
- Proactive attitude, communicative (e.g., good listener) and customer-oriented