Application Security Expert

Application Security Expert

Job Description:

We are seeking an experienced Application Security Expert to join our clients team in Belgium and ensure the security of our software applications throughout the development lifecycle. As an Application Security Expert you will be responsible for conducting comprehensive security assessments implementing best practices and providing guidance to development teams to mitigate security risks effectively.

Key Responsibilities:

1. Conduct thorough penetration testing of web applications APIs and mobile applications to identify vulnerabilities and weaknesses.

2. Utilize Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) tools to analyze code and identify security flaws.

3. Implement and enforce security standards and best practices including OWASP (Open Web Application Security Project) guidelines and ASVS (Application Security Verification Standard).

4. Collaborate with development teams to integrate security into the software development lifecycle (SDLC) and ensure secure coding practices are followed.

5. Perform code reviews and provide recommendations for remediation of security vulnerabilities.

6. Develop and maintain security documentation including security requirements standards and guidelines.

7. Stay uptodate with the latest security threats vulnerabilities and industry best practices.

8. Provide training and awareness sessions to educate developers and stakeholders on application security principles and practices.

9. Participate in security incident response activities and assist in resolving security incidents as needed.

Key Requirements:

1. Masters degree in Computer Science Information Security or related field.

2. Proven experience in application security testing and vulnerability assessment.

3. Strong understanding of security testing methodologies tools and frameworks including OWASP SANS and NIST.

4. Experience with .NET Java Python and Angular development frameworks.

5. Handson experience with SAST and DAST tools such as Veracode Checkmarx Burp Suite and OWASP ZAP.

6. Knowledge of secure coding practices and familiarity with common security vulnerabilities and exploits.

7. Excellent communication and interpersonal skills with the ability to effectively communicate security risks and recommendations to technical and nontechnical stakeholders.

8. Relevant security certifications (e.g. CISSP CEH CSSLP) are a plus.