Application Security Consultant

Who we are looking forAs an Application Security Consultant, you will integrate our Secure Software Development services.Together with our 15 experts, we develop, maintain, support and host Specialized Softwares. Our expertise is two-fold:Proposing our expertise to clients' development teams in securing their Software Development Life Cycle (SSDLC or Secured-SDLC).Developing highly secured softwares (Security by design) based on customer's requirements (e.g. itsme – authentication app) ;In this frame, we are recruiting an Application Security Consultant who will play a key role in our application security services growth over the next years.Your roleAs an Application Security Consultant your main role will be to act as a Security Champion for our customers.This means:Operationalise (technically) the concept of Security by Design/Default in its four components: the availability of applications and underlying systems, the integrity (non-alteration) of data, the confidentiality (non-disclosure) of data and processing, and finally the traceability of actions performed on the system.Give guidance on establishing a secure software development lifecycle (Secure-SDLC / DevSecOps),Help development teams to integrate application security best practices (e.g. OWASP ASVS), and security tooling/processes in their development pipeline (SAST, DAST, SCA, CVE follow-up, ...),Ensure that the security requirements of all the components of a solution are properly identified based on the requirements issued, the Information Systems Security Policy and best practices.Assist architects in designing secure solution components, considering the client's application and business context, and the technologies available on the market.Contribute to assess an existing SDLC (i.e., SAMM Assessment)Verify the application of security requirements, in particular security test scenarios. Ensure that tests are carried out before any production launch.Provide security support in specific areas of expertise.Finally animate training and coaching sessions to new security champions at client.Considering your domain of expertise, we would like you to go further in applying your knowledge to developing Approach's offering in terms of AppSec.Consequently, you'll soon bring your energy on Solution Owner responsibilities explained as:Technology watch: You will follow new tools, technical evolutions and industry trends, and share your knowledge with the team. This proactive approach will ensure that our offerings remain cutting-edge, relevant, and aligned with our clients' ever-evolving needs.Relationships strengthening with our trusted business partners/suppliers: You will evolve to become our key representative in application security associations, or during application security events/conferences/meetings.Asset creation: Developing new assets and methodologies to complement and enhance our solutions will soon be part of your responsibility. These assets and methodologies will not only increase the efficiency of our solutions but also support and empower your colleagues in delivering high-quality results.Presales engagements: Participate in presales meetings around application security and help our Sales team in defining our customers' needs.Based on the current business dynamic through this business unit and our people organisation itself, we would like you to also take other responsibilities as Technical Leader for a part of our current team and so become a key technical player.This role include:Mentorship on application security projects: Providing guidance and mentorship to team members, especially those less skilled in application security, will be crucial. Your support will be to help them navigate complex missions, leading their professional growth and ensuring successful project outcomes.Support on development and devops projects: Bringing a higher view to support and help our developers on their development and devops tasks, make technology choices or debug some scenario's on technologies like .NET, Angular, Azure, Azure devops, OAuth (KeyCloak), ...Your profileSignificant experience, which we estimate to be 5-6 years, giving you the opportunity to work in a variety of technical environments and improve your skills in application security technologies.You have hands-on knowledge in development, whatever the language. We need a jack of all trades who has gained experience in a variety of technical environments. For your information, at Approach we mainly use C# (.NET), Javascript (Angular) and Java (Spring).You have a proven skillset on application security technologies, concepts and best practices. OWASP website is in your browsers' favourites. You've already being involved in implementing a SAST/DAST (Fortify, Sonarqube or equivalent), you've made vulnerabilities follow-up, devsecops, web app security, SSDLC (Secure-SDLC), application security by design, ...You have professional working knowledge of both written and spoken English, and one of our main national languages (French or Dutch).Mindset:Strong self-motivator and entrepreneurial pro-active attitudeStrong analytical and problem-solving skillsNatural team player, together with project management and presentation skills.Ambassador for the professional values that are at the heart of our philosophy:TOP-NOTCH We strive for best-of-the-best while staying up to date with the latest technology.HUMAN-CENTRIC We care about people in the digital world, listening before interacting respectfully in a responsible environment.NO-NONSENSE We go for it, we work together, we are committed to deliver, to exceed expectations.Our offerJoin a dynamic and fast-growing company in a booming sectorParticipate in the development of the company as an internal entrepreneur in your own teamDevelop your career path in a diversified function combining commercial development, people management and strategical impact.Enjoy a company that put a priority to learning opportunities and continuous trainings.Benefit from an attractive salary package, including a full range of benefits :A CDI contractA mobility budget according to your function levelA competitive group insurance including pension fund, death, and disability coverage,An attractive complementary insurance for non-work-related accident and loss of salary in case of sickness, company fully supported contribution32 days holiday/year (on a fulltime equivalent basis)A flexible home working policyOther fringe benefits (meal vouchers, eco vouchers, ...)Fun company events, exclusive team experiencesContribute to a safer, fairer world for data subjects and citizens, ensure the serenity of great businesses and essential public institutionsLive your values daily in a dynamic, fun and multicultural working environment.Interested ?Don't wait, send us your CV and application to jobs@approach-cyber.com. Join us in our commitment to ensuring cyber serenity and contributing to a safer digital world.