Application Security Expert

il y a 4 semaines

Brussels, Belgique AXA Belgium Temps plein

In Belgium, AXA is market leader in non-life insurance. We have more than 3,000 enthusiastic employees whose aim is to move from payer to partner for our 3 million clients.

Our employees are our greatest asset. Therefore, a pleasant and modern working atmosphere is crucial to us. Together we seek to foster a diverse and inclusive culture where thoughts and ideas are valued, respected and appreciated.

With every step we take, we keep our values in mind: Customer First, Integrity, Courage and One AXA.


Mission:

· As a member of the 'Information Security' Team part of the 'AXA Belgium Security Office' department lead by the AXA CSO, your mission is to promote and ensure that AXA Belgium applications and platforms are adequately secured. You will work in collaboration mainly with security colleagues (with some having also Application Security as main mission), security and solution architects, IT product team and business teams.

Main tasks:

The key tasks of the "Application Security Expert" are as follows:

· Security Oversight:

  • Work with IT product and architecture teams to ensure platforms/applications including life cycle meet security best practices including amongst others:
  • Conduct application and platforms technical design reviews.
  • Supervision of the source code review (static and dynamic/penetration testing) including the remediation actions.
  • Assess the security maturity of the Software Development Life Cycle (SDLC) within the organization.
Perform the supervision of cloud (Azure/AWS) security posture to ensure amongst others compliancy with security best practices and with AXA security instructions.Provide support to '3rd party security' team to ensure the compliancy of 3rd party solutions with AXA Belgium/AXA group security requirements.Provide when required security 'Go/No Go' with a risk-based approach.Perform the supervision of network and encryption controls protecting applications.Develop/Maintain application/platform security overview with their associated key risk indicators.Follow-up of the vulnerabilities and remediation plans.Gains and helps Security Office dpt, business lines and their corresponding IT teams to have an up to date application security vulnerabilities/risk overview including potential path forwards including with clear management-level presentations

· Governance:

  • Active participation to the definition, coordination, and implementation of AXA Belgium application security yearly roadmap with risk based and compliance approaches.
  • Understand, translate if required or ensure the implementation and follow-up of AXA Group security requirements to protect AXA Belgium applicative landscape.
  • Participate to the security intake (new projects,..) ensuring AXA Security requirements are defined, followed and implemented.
  • Accountable for overseeing, measuring, and driving efforts to systematically increase, maturity and effectiveness of application security processes and ISO 27K controls for AXA Belgium.

· Awareness:

  • Promote security culture and define/participate to the education of AXA IT departments (e.g. engineering, operations) on security procedures and security risks.
  • Development of security guidelines for technologies including (.NET, Java, Python, Angular etc.)

· Inventory:

  • Active participation to the alignment of the applicative, cloud and security inventories.

IMPORTANT:

- The execution of the activities like penetration testing, secure coding,… are performed by colleagues.

- Identity & Access Management is out of scope for the mission.

- AXA Belgium relies a lot on security solutions and processes defined at group level for all AXA entities.

Profile:

Study/Experience/Knowledge

· You have a Bachelor or Master in Computer Science / Information Systems / Information Security or other related field.

· You have minimum 3 years of relevant experience in application development, a strong experience with application vulnerability scanning tools (e.g. Checkmarx, AppScan, Fortify, SonarQube etc.).

· Strong understanding of a secure Software Development Life Cycle (SDLC) and experience.

· Experience with different development languages/frameworks (.NET, Java, Python, Angular, etc.).

· Knowledge of DevOps culture and principles.

· Practical experience with reviewing infrastructure as code for cloud environments (AWS CloudFormation, Azure Resource Manager, Docker containers) is a plus.

· Familiar with industry best practices such as OWASP, SANS and ISO27K are a plus.

· An advanced knowledge and experience of PowerBI dashboard development is a plus.

Soft skills

· Strong teamwork despite able to work autonomously.

· Problem solver and have excellent analytical skills.

· Good communication skills towards IT/Technical teams and towards management.

· You communicate (written and verbal) fluently English.

· Knowledge of French and/or Flemish is a plus.


Profile:

Study/Experience/Knowledge

· You have a Bachelor or Master in Computer Science / Information Systems / Information Security or other related field.

· You have minimum 3 years of relevant experience in application development, a strong experience with application vulnerability scanning tools (e.g. Checkmarx, AppScan, Fortify, SonarQube etc.).

· Strong understanding of a secure Software Development Life Cycle (SDLC) and experience.

· Experience with different development languages/frameworks (.NET, Java, Python, Angular, etc.).

· Knowledge of DevOps culture and principles.

· Practical experience with reviewing infrastructure as code for cloud environments (AWS CloudFormation, Azure Resource Manager, Docker containers) is a plus.

· Familiar with industry best practices such as OWASP, SANS and ISO27K are a plus.

· An advanced knowledge and experience of PowerBI dashboard development is a plus.

Soft skills

· Strong teamwork despite able to work autonomously.

· Problem solver and have excellent analytical skills.

· Good communication skills towards IT/Technical teams and towards management.

· You communicate (written and verbal) fluently English.

· Knowledge of French and/or Flemish is a plus.


Python, Platforms, Execution, Governance, Scanning Tools, Frameworks, Driving, Business, Docker, Amazon Web Services, French language, Dashboard, Projects, Development, Information systems, SonarQube, Communication, Microsoft Azure, Networks, Fortify, Design review, Static, Operations, Java, Inventories, Problem Management, Implementation, Presentations, ISO Standards, Coding Languages, Cloud Security, Communication, Flemish, Security service, Group Security, Key risk indicators, DevOps Engineering, IT security, OWASP, Coordination, Technology, Practicality, Cloud, ISA, Technical Design, Engineering, Best Practices, Code review, Management, Landscaping, Source code, Penetration Testing, Remediation, .NET, AngularJS, Architecture, Education, vulnerability, Computer science, Power BI

  • Software Development Security Expert

    Il y a 4 mois

    Brussels, Belgique Recruit4Work S.L. Temps plein

    EU citizens and that an EU Secret PSC is required for the function! Tasks - Software Development Security Expert **Requirements**: **Required abilities**: - Education requirements: Bachelor's degree or higher in computer science engineering. - Certification requirements: CCSSLP Certified Secure Software Lifecycle Professional, or EC Council CASE Certified...

  • Application Security Architect

    Il y a 5 mois

    Brussels, Belgique DigiTribe Temps plein

    The Digital Security Office (DSO) ensures that the IT Security risks to which the client is exposed to are tracked, treated and mitigated in line with the regulatory, business and security requirements. DSO has its own ambitious Security Roadmap that focuses on major improvements to ensure the predefined security ambitions are effectively realized. The...

  • Application Security Specialist

    Il y a 3 mois

    Brussels, Belgique IT-Planet Temps plein

    Introductie IT-Planet is dé HR specialist voor flexibele en tijdelijke staffing in IT. Wij verzorgen IT-projecten bij diverse top 100-klanten over heel Vlaanderen en Brussel in volgende IT-domeinen: Application Development, Infrastructure Services & Software Testing. Met 15 jaar ervaring achter de kiezen kunnen wij perfect tegemoet komen aan jouw...

  • Application Security Consultant

    Il y a 3 mois

    Brussels, Belgique NVISO Temps plein

    Who are we? It all starts with the mission: NVISO is here to protect European society from potentially devastating cyber attacks! This means we offer cyber security services to private and governmental organizations to help them better prepare for, prevent, detect and respond to cyber security incidents. All of this is built on four fundamental values that...

  • Cyber Security Expert Finnancial Sector

    Il y a 4 mois

    Brussels, Belgique DigiTribe Temps plein

    We are looking for Cyber & Information Security experts to strengthen our team in our Brussels **office with experience in one or more of the following areas**: Proven experience in security risk assessments, development of functional security requirements, process design and management reporting. Familiarity with industry best practices in key security...

  • Security Expert

    il y a 4 semaines

    Brussels, Belgique Smals Temps plein

       Uw rol Als Security Expert werk je mee aan verschillende security gerelateerde IT projecten. Dit kan onder andere gaan over projecten waarbij men actief werkt rond de uitrol van tweestapsverificatie, endpoint protection, cloud security, ... Je staat als expert in voor de uitvoering van specifieke security verbeteringstaken. Je vertaalt hierbij de noden...

  • Cyber Security Expert

    il y a 1 mois

    Brussels, Belgique NVISO Temps plein

    Who are we? It all starts with the mission: NVISO is here to protect European society from potentially devastating cyber attacks! This means we offer cyber security services to private and governmental organizations to help them better prepare for, prevent, detect and respond to cyber security incidents. All of this is built on four fundamental values that...

  • Infrastructure Security Expert

    Il y a 3 mois

    Brussels, Belgique NVISO Temps plein

    Who are we? **It all starts with the mission**: NVISO is here to protect European society from potentially devastating cyber attacks! This means we offer cyber security services to private and governmental organizations to help them better prepare for, prevent, detect and respond to cyber security incidents. All of this is built on four fundamental values...

  • Security Governance Expert

    Il y a 3 mois

    Brussels, Belgique ING Temps plein

    Security Governance Expert - CISO BE - Security Governance team - 50 % work from home **A day in the life of a Security Governance Expert** - As a part of the security governance team, you help develop and implement a comprehensive **security strategy** aligned with business objectives. You help to continuously assess and refine the security strategy to...

  • Cyber Defence

    Il y a 3 mois

    Brussels, Belgique Sparagus Temps plein

    Cyber Defence Security Logging & Monitoring Expert Mission context Want to help shape the bank of tomorrow today? At the bank for a changing world, our employees make change their greatest asset, turning challenges into opportunities. They think ahead to offer customers innovative solutions perfectly suited to their needs. At the country's number one...

  • Application Security Consultant

    Il y a 4 mois

    Brussels, Belgique NVISO Temps plein

    Already experienced in the world of cyber security? New to it all, but genuinely interested? Well, at NVISO we might be looking for you and we’d love to have a chat! Who are we? **It all starts with the mission**: NVISO is here to protect European society from potentially devastating cyber attacks! This means we offer cyber security services to private...

  • Cyber Security Expert

    Il y a 3 mois

    Brussels, Belgique Sopra Steria Temps plein

    **CYBER SECURITY EXPERT** **Where you're going to get started ?** Our security team is the real expert in this field: a young, driven team of specialists coached by a guru. This team assists our clients with security audits, GDPR compliance, ethical hacking, red teaming, security strategy, cyber security incident response, etc. We place great importance on...

  • Application Security Consultant

    Il y a 4 mois

    Brussels, Belgique NVISO Temps plein

    **It all starts with the mission**: NVISO is here to protect European society from potentially devastating cyber attacks! This means we offer cyber security services to private and governmental organizations to help them better prepare for, prevent, detect and respond to cyber security incidents. All of this is built on four fundamental values that define...

  • Application Security Consultant

    Il y a 3 mois

    Brussels, Belgique NVISO Temps plein

    Who are we? **It all starts with the mission**: NVISO is here to protect European society from potentially devastating cyber attacks! This means we offer cyber security services to private and governmental organizations to help them better prepare for, prevent, detect and respond to cyber security incidents. All of this is built on four fundamental values...

  • Application Security Consultant

    Il y a 3 mois

    Brussels, Belgique NVISO Temps plein

    Who are we? **It all starts with the mission**: NVISO is here to protect European society from potentially devastating cyber attacks! This means we offer cyber security services to private and governmental organizations to help them better prepare for, prevent, detect and respond to cyber security incidents. All of this is built on four fundamental values...

  • Network & Security Expert

    Il y a 3 mois

    Brussels, Belgique Proximus Group Temps plein

    Network & Security expert Within Proximus SpearIT, there is a specialized IT staffing department that helps customers organize their IT smarter for higher performance in their business. We do this by providing talent and solutions for their digitalization. We strive for a long-term cooperation with both our clients and our employees. **Our approach? Better...

  • IT Security Expert

    Il y a 4 mois

    Brussels, Belgique EUROPEAN DYNAMICS Temps plein

    **Your tasks** - Responsible for continuous improvement of information security policy framework and for performing risks assessment, risks evaluation, and maintaining the relevant risk register; - Create and maintain technical documentation related to software security; - Collaborate with project stakeholders to identify security requirements. Conduct...

  • Ict Security Accreditation Expert

    Il y a 3 mois

    Brussels, Belgique Enterpryze Consulting Ltd. Temps plein

    **ICT Security Accreditation expert - **Working Location**:Brussels, Belgium** - **Security Clearance**: NATO Secret** - **Language**:High proficiency level in English language **EXPERIENCE AND EDUCATION: **Essential Qualifications/Experience: - Minimum 8 years of experience in ICT security-related functions - Proven, strong expertise in ICT security -...

  • Cyber Security Expert

    Il y a 3 mois

    Brussels, Belgique EPM Formations Temps plein

    **Your mission** - You work with different stakeholders to ensure security mitigations are implemented both in IT and OT environment - You respond to security vulnerabilities, weaknesses, and incidents reported by our SOC - You care for security assessments and testing for new development projects and existing solutions - You advise IT project teams in...

  • Security DevOps Expert

    Il y a 4 mois

    Brussels, Belgique Penguin Formula Temps plein

    Company Description We Cook iT is an international software house that delivers software development to its corporate customers by providing highly skilled, communicative IT professionals to build their customized products through outsourcing, nearshoring and turn-key projects’ solutions. How do we differentiate ourselves? By investing in the...