Application Security Expert

il y a 3 semaines

Bruxelles, Région de Bruxelles, Belgique AXA Group Temps plein

Mission:

· As a member of the 'Information Security' Team part of the 'AXA Belgium Security Office' department lead by the AXA CSO, your mission is to promote and ensure that AXA Belgium applications and platforms are adequately secured. You will work in collaboration mainly with security colleagues (with some having also Application Security as main mission), security and solution architects, IT product team and business teams.

Main tasks:

The key tasks of the "Application Security Expert" are as follows:

· Security Oversight:

  • Work with IT product and architecture teams to ensure platforms/applications including life cycle meet security best practices including amongst others:
    • Conduct application and platforms technical design reviews.
    • Supervision of the source code review (static and dynamic/penetration testing) including the remediation actions.
    • Assess the security maturity of the Software Development Life Cycle (SDLC) within the organization.
  • Perform the supervision of cloud (Azure/AWS) security posture to ensure amongst others compliancy with security best practices and with AXA security instructions.
  • Provide support to '3rd party security' team to ensure the compliancy of 3rd party solutions with AXA Belgium/AXA group security requirements.
  • Provide when required security 'Go/No Go' with a risk-based approach.
  • Perform the supervision of network and encryption controls protecting applications.
  • Develop/Maintain application/platform security overview with their associated key risk indicators.
  • Follow-up of the vulnerabilities and remediation plans.
  • Gains and helps Security Office dpt, business lines and their corresponding IT teams to have an up to date application security vulnerabilities/risk overview including potential path forwards including with clear management-level presentations

· Governance:

  • Active participation to the definition, coordination, and implementation of AXA Belgium application security yearly roadmap with risk based and compliance approaches.
  • Understand, translate if required or ensure the implementation and follow-up of AXA Group security requirements to protect AXA Belgium applicative landscape.
  • Participate to the security intake (new projects,..) ensuring AXA Security requirements are defined, followed and implemented.
  • Accountable for overseeing, measuring, and driving efforts to systematically increase, maturity and effectiveness of application security processes and ISO 27K controls for AXA Belgium.

· Awareness:

  • Promote security culture and define/participate to the education of AXA IT departments (e.g. engineering, operations) on security procedures and security risks.
  • Development of security guidelines for technologies including (.NET, Java, Python, Angular etc.)

· Inventory:

  • Active participation to the alignment of the applicative, cloud and security inventories.

IMPORTANT:

- The execution of the activities like penetration testing, secure coding,... are performed by colleagues.

- Identity & Access Management is out of scope for the mission.

- AXA Belgium relies a lot on security solutions and processes defined at group level for all AXA entities.

Your Profile

Study/Experience/Knowledge

· Bachelor or Master in Computer Science / Information Systems / Information Security or other related field.

· Good Knowledge/experience (at least 3 years) with application security management (penetration testing, SAST, DAST , code review, vulnerability management,...).

· Good Knowledge/experience (at least 3 years) with industry application security framework and best practices such as OWASP Top 10 and ASVS, SANS, NIST,...

· Good knowledge of Secure Software Development Life Cycle (SDLC) principles.

· Experience in application secure development with different development languages/frameworks (.NET, Java, Python, Angular, etc.) is a strong added value.

· Practical experience with reviewing infrastructure as code for cloud environments (AWS CloudFormation, Azure Resource Manager, Docker containers) is a strong added value.

· Experience with ISO27K is a plus.

· An advanced knowledge and experience of PowerBI dashboard development is a plus.

Soft skills

· Strong teamwork despite able to work autonomously.

· Problem solver and have excellent analytical skills.

· Good communication skills towards IT/Technical teams and towards management.

· You communicate (written and verbal) fluently English.

· Knowledge of French and/or Flemish is a plus.

About the Entity

In Belgium, AXA is market leader in non-life insurance. We have more than 3,000 enthusiastic employees whose aim is to move from payer to partner for our 3 million clients.

Our employees are our greatest asset. Therefore, a pleasant and modern working atmosphere is crucial to us. Together we seek to foster a diverse and inclusive culture where thoughts and ideas are valued, respected and appreciated.

With every step we take, we keep our values in mind: Customer First, Integrity, Courage and One AXA.

What We Offer
A nice reward for your hard work

An attractive salary, supplemented with discretionary personal and collective bonuses and of course, meal and eco vouchers.

The benefits of working at an insurance company

From group to hospitalization insurance and ambulatory care (family members can also join at an advantageous rate) and with up to 30% discount on all additional insurance products.

A job that respects your personal life and dreams

With 35 days off per year to recharge, home working options, sports facilities and professional training to make sure you stay in shape mentally, physically and professionally

  • Application Security Expert

    il y a 6 jours

    Bruxelles, Région de Bruxelles, Belgique BNP Paribas Fortis Temps plein

    (Junior) Application security expertWilling to push the boundaries with us for a more sustainable world?Your future job Support and assist the different software development squads in their secure development practices Manage the technical infrastructure supporting automatic code reviews, open source library, docker container evaluations and automated...

  • Application Security Expert

    il y a 6 jours

    Bruxelles, Région de Bruxelles, Belgique BNP Paribas Fortis Temps plein

    (Junior) Application security expertWilling to push the boundaries with us for a more sustainable world?Your future job Support and assist the different software development squads in their secure development practices Manage the technical infrastructure supporting automatic code reviews, open source library, docker container evaluations and automated...

  • Application Security Expert

    il y a 6 jours

    Bruxelles, Région de Bruxelles, Belgique BNP Paribas Fortis Temps plein

    (Junior) Application security expertWilling to push the boundaries with us for a more sustainable world?Your future job Support and assist the different software development squads in their secure development practices Manage the technical infrastructure supporting automatic code reviews, open source library, docker container evaluations and automated...

  • Application Security Expert

    il y a 6 jours

    Bruxelles, Région de Bruxelles, Belgique Satellit Temps plein

    Our customer is looking for an Application Security Expert (DevSecOps) who enables secure software development.You are passionate about security and staying ahead of all possible threats to the system.You will work in a cross-divisional role to ensure software security requirements are up to date and aligned to Group's standards.You will become thoroughly...

  • security expert

    il y a 6 jours

    Bruxelles, Région de Bruxelles, Belgique Vrije Universiteit Brussel Temps plein

    De Vrije Universiteit Brussel staat al meer dan 50 jaar voor vrijheid, gelijk(waardig)heid en verbondenheid en dat leeft sterk op onze campussen bij zowel studenten als personeel. Bij de VUB vind je een diverse verzameling aan persoonlijkheden: innovators pur sang, maar vooral mensen die 100% hun authentieke zelf zijn. Met zo'n 4000 medewerkers zijn we de...

  • Software Development Security Expert

    il y a 6 jours

    Bruxelles, Région de Bruxelles, Belgique Recruit4Work S.L. Temps plein

    EU citizens and that an EU Secret PSC is required for the functionTasks Software Development Security ExpertRequirements:Required abilities: Education requirements: Bachelor's degree or higher in computer science engineering. Certification requirements: CCSSLP Certified Secure Software Lifecycle Professional, or EC Council CASE Certified Application Security...

  • Operationeel Security Expert

    il y a 6 jours

    Bruxelles, Région de Bruxelles, Belgique Vrije Universiteit Brussel Temps plein

    De Vrije Universiteit Brussel staat al meer dan 50 jaar voor vrijheid, gelijk(waardig)heid en verbondenheid en dat leeft sterk op onze campussen bij zowel studenten als personeel. Bij de VUB vind je een diverse verzameling aan persoonlijkheden: innovators pur sang, maar vooral mensen die 100% hun authentieke zelf zijn. Met zo'n 4000 medewerkers zijn we de...

  • Application Security Specialist

    il y a 6 jours

    Bruxelles, Région de Bruxelles, Belgique IT-Planet Temps plein

    IntroductieIT-Planet is dé HR specialist voor flexibele en tijdelijke staffing in IT. Wij verzorgen IT-projecten bij diverse top 100-klanten over heel Vlaanderen en Brussel in volgende IT-domeinen: Application Development, Infrastructure Services & Software Testing. Met 15 jaar ervaring achter de kiezen kunnen wij perfect tegemoet komen aan jouw individuele...

  • security expert

    il y a 6 jours

    Bruxelles, Région de Bruxelles, Belgique Smals Temps plein

    Als Security Expert werk je mee aan verschillende security gerelateerde IT projecten. Dit kan onder andere gaan over projecten waarbij men actief werkt rond de uitrol van tweestapsverificatie, endpoint protection, cloud security, ... Je staat als expert in voor de uitvoering van specifieke security verbeteringstaken. Je vertaalt hierbij de noden van de...

  • Security Expert

    il y a 6 jours

    Bruxelles, Région de Bruxelles, Belgique Smals Temps plein

    Als Security Expert werk je mee aan verschillende security gerelateerde IT projecten. Dit kan onder andere gaan over projecten waarbij men actief werkt rond de uitrol van tweestapsverificatie, endpoint protection, cloud security, ... Je staat als expert in voor de uitvoering van specifieke security verbeteringstaken. Je vertaalt hierbij de noden van de...

  • Application Security Consultant

    il y a 6 jours

    Bruxelles, Région de Bruxelles, Belgique Nviso Temps plein

    It all starts with the mission: NVISO is here to protect European society from potentially devastating cyber attacks This means we offer cyber security services to private and governmental organizations to help them better prepare for, prevent, detect and respond to cyber security incidents.All of this is built on four fundamental values that define who we...

  • Operational Security Expert

    il y a 6 jours

    Bruxelles, Région de Bruxelles, Belgique Vrije Universiteit Brussel Temps plein

    For almost 50 years, the Vrije Universiteit Brussel has stood for freedom, equality and connectedness. These values are strongly present on our campuses, in our students as well as our staff.At the VUB, you'll find a diverse collection of personalities: pure innovators and especially people who are 100% their authentic selves. With about 4.000 employees, we...

  • Application Security Architect

    il y a 6 jours

    Bruxelles, Région de Bruxelles, Belgique Christelijke Mutualiteit Temps plein

    **Application Security Architect**- CM helpt niet minder dan 4,5 miljoen mensen om gezond en gelukkig te leven. Hoe dat kan? Dankzij de dynamiek van onze medewerkers Zij slaan elke dag de handen in elkaar om resultaten te boeken. Ze worden gedreven door solidariteit en willen samen vooruitgaan. Hun inspanningen worden erkend, want ze krijgen tal van kansen...

  • Application Security Consultant

    il y a 6 jours

    Bruxelles, Région de Bruxelles, Belgique NVISO Temps plein

    Who are we?It all starts with the mission: NVISO is here to protect European society from potentially devastating cyber attacks This means we offer cyber security services to private and governmental organizations to help them better prepare for, prevent, detect and respond to cyber security incidents.All of this is built on four fundamental values that...

  • Application Security Expert with Strong Analytical

    il y a 6 jours

    Bruxelles, Région de Bruxelles, Belgique HNM Solutions Temps plein

    Job ID:HNMJD2526:Role: Application Security Expert with strong analytical skillsLocation: Brussels, BelgiumRequired experience/knowledge: You have a very good understanding of Software development lifecycle in an Agile environment and you understand DevOps very well You have a good understanding of security checks to be applied at different stages of the...

  • Security Expert

    il y a 6 jours

    Bruxelles, Région de Bruxelles, Belgique Smals Temps plein

    Als Security Expert werk je mee aan verschillende security gerelelateerde IT projecten. Dit kan onder andere gaan over projecten waarbij men actief werkt rond de uitrol van tweestapsverificatie, endpoint protection, cloud security, ... Je staat als expert in voor de uitvoering van specifieke security verbeteringstaken. Je vertaalt hierbij de noden van de...

  • Application Security Specialist

    il y a 6 jours

    Bruxelles, Région de Bruxelles, Belgique E-Resourcing Temps plein

    We have a current opportunity for an Application Security Specialist on a contract basis.The position will be based in Diegem and is for a major international company.For further information about this position please apply.

  • Security Expert

    il y a 6 jours

    Bruxelles, Région de Bruxelles, Belgique Smals Temps plein

    Uw rolAls Security Expert werk je mee aan verschillende security gerelateerde IT projecten. Dit kan onder andere gaan over projecten waarbij men actief werkt rond de uitrol van tweestapsverificatie, EndPoint protection, cloud security, ...Je staat als expert in voor de uitvoering van specifieke security verbeteringstaken. Je vertaalt hierbij de noden van de...

  • Operational Security Expert

    il y a 6 jours

    Bruxelles, Région de Bruxelles, Belgique Vrije Universiteit Brussel Temps plein

    For almost 50 years, the Vrije Universiteit Brussel has stood for freedom, equality and connectedness. These values are strongly present on our campuses, in our students as well as our staff. At the VUB, you'll find a diverse collection of personalities: pure innovators and especially people who are 100% their authentic selves. With about 4.000 employees, we...

  • Security DevOps Expert

    il y a 6 jours

    Bruxelles, Région de Bruxelles, Belgique Penguin Formula Temps plein

    Company DescriptionWe Cook iT is an international software house that delivers software development to its corporate customers by providing highly skilled, communicative IT professionals to build their customized products through outsourcing, nearshoring and turn-key projects' solutions.How do we differentiate ourselves? By investing in the professional...