Devsecops Lead Consultant

**Do you want to boost your skills and join a European scale-up in cyber security?** If you are passionate about **cyber security**, join **Approach** You will have the advantage of working in **a human-scale company** where everyone makes the difference. You will join a team of experts with a friendly atmosphere and have the opportunity to **broaden your future career** according to your background and interests. **Your role** We are looking for a* Secure Delivery Lead Consultant *to integrate our Secure Delivery Department. You will take part in stimulating consulting assignments which will include advising customers about strategy. **Your main tasks will consist of**: - Guidance on establishing a secure software development lifecycle (S-SDLC), - Assessment of existing SDLC (i.e. SAMM Assessment), - Helping teams to integrate security tooling in their development pipeline, - Developing our commercial vision in your area of expertise. **By joining this project, you will have the opportunity to**: - Develop your competencies and level of expertise by a continuous and ongoing progression and active participation in training sessions, - Provide input and participate in the definition of our commercial offer in your area of expertise, - Be recognised by the client as being professional in your own area of expertise, - Demonstrate your capability to work in a team and portray a positive attitude, - Be recognised as being trustworthy by your project leader or client: precision of information, respect of the commitments, quality of the work, respect the deadlines and adequate reporting, - Capitalise on the experience acquired within the department, - Use or learn the tools or methodologies of the Practice and actively contribute to the development of these tools and methodologies. **Your profile** **You have**: - Bachelor or Master degree or equivalent by experience, - Uncompromised integrity: Respect the confidentiality of both client and company information, - Experience of working with Scrum teams and of the DevSecOps mindset , - Deep analytical skills and structured thinking, - Ability to interact with the different stakeholders within the company and accompany them in the implementation of a Security Program, - Knowledge of tools integrated with pipelines and strategy for remediation (prioritization, assessment, etc...), - Good understanding of network concepts and architecture, - Experience with security principles and intrusion tools, - Container technologies (Docker, Kubernetes), - DevSecOps experience with at least one of the top cloud providers (AWS, Azure, GCP), Unix / Linux, - Good working knowledge of both written and spoken English and French or Dutch. **Considered as a plus**: - Experience with SAST/DAST, - Knowledge of at least one of the following tools: SonarQube, Fortify, Checkmarx, WebIstpect, ZAP, - Infrastructure as code: Ansible, - Hands on experience in development, - A (ISC)2 CSSLP certification or equivalent. **Soft skills**: - Strong self-motivator and entrepreneurial pro-active attitude, - Able to prioritize activities, plan and execute, - Strong analytical and problem-solving skills, - Team player, - Excellent communication skills, - Eager to learn, - Uncompromising integrity. **Who are we?** APPROACH, founded in 2001, is a European scale-up specialising in **cyber security** and **privacy**. Leveraging a large pool of certified professionals in GRC, Cyber Security and Secure Development, we strengthen businesses’ **cyber security** and **resilience** posture by adopting a risk-based and layered security strategy. We have a team of about 100 people spread over six locations in Belgium and Switzerland. We encourage excellence, close **collaboration** through regular team meetings, direct **communication** and **feedback**, dynamism and fast decision-making. Our staff is made up of seasoned talented, certified cyber security professionals who aim to continuously expand and **transmit** their knowledge. Some are internationally recognised speakers to leading associations such as the ISACA, IAPP, Infosecurity, FinTech Belgium just to name a few. As an active **member** of the **Belgian Cyber Security Coalition** and the **Swiss Trust Valley**, we are joining forces with a unique ecosystem of public authorities, academic institutions and economic players. Moreover, we are committed to develop the **next generation of talents**. We regularly interact with students from the universities and schools by organising workshops, classes and "capture the flag" challenges in cyber security. **Why join us?** Our fast sustainable growth and our leading market position offer you **great career opportunities**. In addition, our broad client portfolio, ranging from the most innovative* start-ups* to large **international organisations**, gives you a unique opportunity to work on a variety of stimulating projects with **cutting-edge technologies and tools**. At **Approach**, we do not view