Dieses Jobangebot ist archiviert und steht nicht mehr zur Verfügung.
Vakante Jobangebote finden Sie unter Projekte.
Vakante Jobangebote finden Sie unter Projekte.
Application Security Analyst
Eingestellt von Harvey Nash IT Recruitment Belgium
Projektbeschreibung
Region: Brussels
Sector: Financial
Education: Bachelor/Master
ASAP till the end of this year minimum
Work experience: 5 years minimum
Job type: Temporary Contract Full time on site
Job description:
You will be part of Component Management team who has a transversal role acting as a service desk for the designers, developers, ...
The team mainly performs configuration management activities for projects and maintenances. It also has a gatekeeper role, reviewing all naming convention and databases standards and ensuring they are compliant with configuration management good practices.
The Component Management team is spread over 3 locations (Brussels, Paris, and London) with on average 12 team members.
This position is based in Brussels !
What you'll do:
You will be primarily responsible for:
* Supporting developers with the security assessment.
* Supporting the organization in the definition of security remediation plans
* Supporting developers with the usage of IBM Appscan
* Defining and maintaining the Application Security Guidelines and Coding Guidelines
* Performing market watch on new coding techniques and threats to ensure Application Security Guidelines and IBM Appscan rules are kept up-to-date.
* Auditing security assessment made by application developers and auditing IBM Appscan scan configurations as necessary
* Executing independent security scans on request
Profile:
You are a security expert
You are familiar with source code analysis (SAST/White Box analysis).
You are familiar with the most common vulnerability types and you have a good understanding of how malicious attackers can exploit software vulnerabilities and what are the industry best practices to prevent such attacks.
You have already used IBM Appscan Source or a similar security source code scanning tool.
You are familiar with the challenges of integrating such a tool in the Software Development Life Cycle.
You are able to evaluate the outcome of such a tool and decide what is a false positive and what is a relevant finding.
You have already performed code reviews.
You are able to read the source code to the degree to investigate and validate suspected findings and warnings.
You are able to guide developers on why a certain coding practice is an issue and how to solve it.
You are able to escalate security issues to the attention of management in order to prevent high risk vulnerabilities to be deployed in production.
You are fluent in English.
Sector: Financial
Education: Bachelor/Master
ASAP till the end of this year minimum
Work experience: 5 years minimum
Job type: Temporary Contract Full time on site
Job description:
You will be part of Component Management team who has a transversal role acting as a service desk for the designers, developers, ...
The team mainly performs configuration management activities for projects and maintenances. It also has a gatekeeper role, reviewing all naming convention and databases standards and ensuring they are compliant with configuration management good practices.
The Component Management team is spread over 3 locations (Brussels, Paris, and London) with on average 12 team members.
This position is based in Brussels !
What you'll do:
You will be primarily responsible for:
* Supporting developers with the security assessment.
* Supporting the organization in the definition of security remediation plans
* Supporting developers with the usage of IBM Appscan
* Defining and maintaining the Application Security Guidelines and Coding Guidelines
* Performing market watch on new coding techniques and threats to ensure Application Security Guidelines and IBM Appscan rules are kept up-to-date.
* Auditing security assessment made by application developers and auditing IBM Appscan scan configurations as necessary
* Executing independent security scans on request
Profile:
You are a security expert
You are familiar with source code analysis (SAST/White Box analysis).
You are familiar with the most common vulnerability types and you have a good understanding of how malicious attackers can exploit software vulnerabilities and what are the industry best practices to prevent such attacks.
You have already used IBM Appscan Source or a similar security source code scanning tool.
You are familiar with the challenges of integrating such a tool in the Software Development Life Cycle.
You are able to evaluate the outcome of such a tool and decide what is a false positive and what is a relevant finding.
You have already performed code reviews.
You are able to read the source code to the degree to investigate and validate suspected findings and warnings.
You are able to guide developers on why a certain coding practice is an issue and how to solve it.
You are able to escalate security issues to the attention of management in order to prevent high risk vulnerabilities to be deployed in production.
You are fluent in English.
Projektdetails
Geforderte Qualifikationen
-
Kategorie:
Sonstiges