You will be part of the Component Management Team, which has a transversal role acting as a service desk for designers, developers, etc. The team mainly performs configuration management activities for projects and maintenance. It also has a gatekeeper role, reviewing all naming conventions and database standards and ensuring they are compliant with configuration management good practices.
Your main responsibilities:
- Supporting developers with the security assessment of the company’s applications
- Supporting the organization in the definition of security remediation plans
- Supporting developers with the usage of IBM AppScan
- Defining and maintaining the Application Security Guidelines and Coding Guidelines
- Performing market watch on new coding techniques and threats to ensure Application Security Guidelines and IBM AppScan rules are kept up-to-date
- Auditing security assessments made by application developers and auditing IBM AppScan scan configurations as necessary
- Executing independent security scans on request
Your profile:
- You are a security expert.
- You are familiar with source code analysis (SAST/white box analysis).
- You are familiar with the most common vulnerability types, and you have a good understanding of how malicious attackers can exploit software vulnerabilities and what the industry best practices are to prevent such attacks.
- You have already used IBM AppScan Source or a similar security source code scanning tool.
- You are familiar with the challenges of integrating such a tool in the Software Development Life Cycle.
- You are able to evaluate the outcome of such a tool and decide what is a false positive and what is a relevant finding.
- You have already performed code reviews.
- You are able to read source code well enough to investigate and validate suspected findings and warnings.
- You are able to guide developers on why a certain coding practice is an issue and how to solve it.
- You are able to escalate security issues to the attention of management in order to prevent high-risk vulnerabilities from being deployed in production.
- You are fluent in English.
We offer:
- A challenging position in a fast-growing company with an international presence.
- A stimulating working environment with a really good team spirit maintained by lots of internal events (team building, ...).
- A dynamic culture focused on personal development.
- A wide range of training and career development opportunities.
Please apply now!