Dieses Jobangebot ist archiviert und steht nicht mehr zur Verfügung.
Vakante Jobangebote finden Sie unter Projekte.
Vakante Jobangebote finden Sie unter Projekte.
Application Security Analyst Banking, Brussels
Eingestellt von Computer Recruitment Services
Gesuchte Skills: Client, Support
Projektbeschreibung
NK174 Application Security Analyst Banking, Brussels
Background
The division that ensures the banks competitiveness by delivering reliable and sustainable IT solutions for the financial securities markets is now looking for an Applications Security analyst.
The technical teams deliver new IT solutions and improve existing applications for both their internal and external clients. They deploy changes into the production environment in a controlled and structured way that doesn't compromise production stability and they ensure applicative production support.
The non-technical people maintain the maturity of the IT project delivery with appropriate controls in line with the group's risk appetite and reducing development and running costs.
Our client is one of the key financial infrastructure providers serving all the big players in the industry with a reputation of being a secure, reliable player on the financial market. It is a strategic goal of the company to maintain a very high standard in IT security to protect the business activities and our customers.
Your role as Application Security Analyst is a key to implement a SAST and embed this practice in the SDLC of the bank.
You will be using IBM Appscan Source for scanning the banks applications and become the 1st line of defence through monitoring security policy compliance.
You will be primarily responsible for:
Supporting developers with the security assessment of the banks applications.
Supporting the organization in the definition of security remediation plans
Supporting developers with the usage of IBM Appscan
Define and maintain the Application Security Guidelines and Coding Guidelines
Perform market watch on new coding techniques and threats to ensure Application Security Guidelines and IBM Appscan rules are kept up-to-date.
Auditing security assessment made by application developers and auditing IBM Appscan scan configurations as necessary
Execute independent security scans on request
YOUR PROFILE:
You are a security experts familiar with source code analysis (SAST/White Box analysis). You are familiar with the most common vulnerability types and you have a good understanding of how malicious attackers can exploit software vulnerabilities and what are the industry best practices to prevent such attacks.
You have already used IBM Appscan Source or a similar security source code scanning tool. You are familiar with the challenges of integrating such a tool in the Software Development Life Cycle. You are able to evaluate the outcome of such a tool and decide what is a false positive and what is a relevant finding.
You have already performed code reviews. You are able to read the source code to the degree to investigate and validate suspected findings and warnings. You are able to guide developers on why a certain coding practice is an issue and how to solve it. You are able to escalate security issues to the attention of management in order to prevent high risk vulnerabilities to be deployed in production.
The chosen candidate must have the following skills:
1: Strong security knowledge. Candidate must be familiar with OWASP, SANS, CWE initiatives. She/He must be knowledgeable about how security vulnerabilities can be exploited in application code by attackers and what are the coding best practices to prevent these attacks.
2: Strong code review experience. Candidate must be able to read source codes and detect bad coding practices. She/He must be able to guide developers on how to resolve/fix security issues.
Reference: NK174
Location: Brussels
Rate:500-525 euros per day
Language: English
Duration: 6 months extendable
Background
The division that ensures the banks competitiveness by delivering reliable and sustainable IT solutions for the financial securities markets is now looking for an Applications Security analyst.
The technical teams deliver new IT solutions and improve existing applications for both their internal and external clients. They deploy changes into the production environment in a controlled and structured way that doesn't compromise production stability and they ensure applicative production support.
The non-technical people maintain the maturity of the IT project delivery with appropriate controls in line with the group's risk appetite and reducing development and running costs.
Our client is one of the key financial infrastructure providers serving all the big players in the industry with a reputation of being a secure, reliable player on the financial market. It is a strategic goal of the company to maintain a very high standard in IT security to protect the business activities and our customers.
Your role as Application Security Analyst is a key to implement a SAST and embed this practice in the SDLC of the bank.
You will be using IBM Appscan Source for scanning the banks applications and become the 1st line of defence through monitoring security policy compliance.
You will be primarily responsible for:
Supporting developers with the security assessment of the banks applications.
Supporting the organization in the definition of security remediation plans
Supporting developers with the usage of IBM Appscan
Define and maintain the Application Security Guidelines and Coding Guidelines
Perform market watch on new coding techniques and threats to ensure Application Security Guidelines and IBM Appscan rules are kept up-to-date.
Auditing security assessment made by application developers and auditing IBM Appscan scan configurations as necessary
Execute independent security scans on request
YOUR PROFILE:
You are a security experts familiar with source code analysis (SAST/White Box analysis). You are familiar with the most common vulnerability types and you have a good understanding of how malicious attackers can exploit software vulnerabilities and what are the industry best practices to prevent such attacks.
You have already used IBM Appscan Source or a similar security source code scanning tool. You are familiar with the challenges of integrating such a tool in the Software Development Life Cycle. You are able to evaluate the outcome of such a tool and decide what is a false positive and what is a relevant finding.
You have already performed code reviews. You are able to read the source code to the degree to investigate and validate suspected findings and warnings. You are able to guide developers on why a certain coding practice is an issue and how to solve it. You are able to escalate security issues to the attention of management in order to prevent high risk vulnerabilities to be deployed in production.
The chosen candidate must have the following skills:
1: Strong security knowledge. Candidate must be familiar with OWASP, SANS, CWE initiatives. She/He must be knowledgeable about how security vulnerabilities can be exploited in application code by attackers and what are the coding best practices to prevent these attacks.
2: Strong code review experience. Candidate must be able to read source codes and detect bad coding practices. She/He must be able to guide developers on how to resolve/fix security issues.
Reference: NK174
Location: Brussels
Rate:500-525 euros per day
Language: English
Duration: 6 months extendable
Projektdetails
Geforderte Qualifikationen
-
Kategorie:
IT Entwicklung, Sonstiges