Home
Jobs
OneSource Consulting
Senior Application Security Engineer

Senior Application Security Engineer

On site

Brussels Region, Belgium

Full Time

11-02-2025

Share this job:

Score my CV

Job Specifications

Here is the detailed JD:
Role: Application Security Expert
Location:Belgium (Hybrid)
Duration: 22/01/2025 - 31/01/2026
Work Regime: Full time (Hybrid)

Function Description:
You will join the Application Security & Vulnerability Management team and be responsible for the following tasks:

Major Tasks:
Manage Requests: Handle requests through Jira tickets from squads for setting up toolings related to the application security tools managed by our team.
Code Review: Review code on applications developed within IT using security toolings (SAST).
Support IT Development Squads: Pro-actively support and assist all IT development squads in their secure development/SecDevOps adoption.
Prepare Training Sessions: Conduct training sessions on security-related topics like common coding mistakes.
Coach Squads: Guide squads on how to use different security tools.
Manage Technical Infrastructure: Support automatic code reviews and open source library evaluations.
Maintain Policies: Ensure applied policies (security, compliance, etc.) are up-to-date.
Follow-Up and Reporting: Track and report on the execution of evaluations.
Review Defects and Vulnerabilities: Regularly review and address any issues.
Leadership Role: Act as an application security expert in project/changes implementation within the scope of the team.

Minor Tasks:
Manage Security Issues: Inform responsible parties of security issues and closely follow up on cases. Report on these issues.
Support IT Developers: Assist in finding solutions to security risks and incidents.
Input for New Security Measures: Provide input for new security measures (such as detection mechanisms).

Required Experience / Knowledge:
Application Development Experience: Experience in the development of applications and up-to-date with current evolutions in application development.
Interest in Application Security: Strong interest in application security with the ambition to become an expert in 3-5 years.
Software Development Lifecycle (SDLC): Very good understanding of SDLC in an Agile environment and understanding DevOps.
Security Checks: Good understanding of the security checks to be applied at different stages.

Technical Experience:
Up-to-Date Knowledge: Recent developments in software development: programming languages, technologies, standard tools, and platforms (Jenkins, Gitlab, Maven, Docker, etc.).
Application Security Expertise: Domain of expertise in application security.
Penetration Testing: Interest in penetration testing and some experience in it.
Network Security Knowledge: Already knowledgeable in network security.
Mobile Application Development & Testing: Understand the difficulties related to mobile application development and testing

About the Company

OneSource is a pan European based recruitment, employment agency founded in response to the market demands for more flexible, cost-effective, tailored recruitment solutions. It aims at providing high-quality services to provide the best outcomes in the recruitment and employment of personnel from a diverse set of business sectors. In today's highly competitive and ever-changing IT market, hiring the right candidate can make the difference between success and failure of any mission-critical project. We can navigate you throu... Know more

Related Jobs

Company Name: Keytrade Bank
Job Title: Security Analyst
Job Description: Introduction Are you ready to dive into the exciting and innovative world of online banking? Keytrade Bank, a pioneer in the Belgian market and a member of the Crédit Mutuel Arkéa Group, is a dynamic online bank. We offer a complete range of banking services, along with diverse investment and trading opportunities. Keytrade Bank is in full expansion, with our client base doubling over the past five years and staff growing annually! Our approach and atmosphere reflect the energy of a high-growth start-up. Today, we’re seeking a Security Analyst to join our team and take on new challenges. Your Mission As a Cyber Security Analyst, your role will be crucial in protecting our data and digital assets. You will monitor security alerts, identify potential threats, and work proactively with infrastructure and application teams to manage and resolve vulnerabilities in our on-premises and cloud environments. Your Secondary Responsibilities: Risk Assessment: Conduct thorough security assessments for projects and systems, identifying risks. IAM: Ensure ironclad access control to keep unauthorized users out. Policy Development: Help develop security policies that are not only effective but easy for the team to follow. Training & Awareness: Lead engaging sessions that equip employees with essential security knowledge and practices. Tool Evaluation: Recommend security tools. Documentation & Reporting: Keep detailed records on security incidents and prepare insightful reports. SDLC Security Integration: Work with development teams to ensure our software is robust and secure at every step. Preferred Qualifications Bachelor’s degree in Computer Science, Cybersecurity, IT, or a related field 1-3 years of experience in cybersecurity or a similar IT role Familiarity with security frameworks (NIST, ISO 27001) and compliance standards (GDPR, DORA) Proficiency with security tools (e.g., firewalls, EDR, SOAR, etc.) Strong analytical and problem-solving skills Relevant certifications (CSA, GCIAH, CEH, etc.) are a plus A team player who can also work independently Willingness to learn What We Offer An agile organization with a positive and flexible work culture A hybrid, collaborative work environment Growth opportunities in diverse areas (transactions, compliance, trading, etc.) Competitive salary and benefits (meal vouchers, telework allowance, group and health insurance, and more) A stepping stone to a rewarding career at Keytrade Bank

Watermael-Boitsfort, Belgium

Hybrid

Full Time

05-03-2025

Company Name: Sopra Steria
Job Title: Cyber Security Engineer
Job Description: Summary: The Cybersecurity Engineer role is crucial for managing and maintaining the organization's privileged access management system. While deep technical expertise isn't essential, strong communication skills, a structured approach, and some familiarity with CyberArk are highly valued. The role involves managing user accounts, troubleshooting issues, and coordinating changes with other teams. There is also potential for future involvement in onboarding Windows and Linux systems to CyberArk. The priority is on finding a candidate who can effectively communicate and follow procedures to ensure the stability and security of the system. Key Responsibilities: Manage and configure the front end of CyberArk. Add and manage accounts within the system. Troubleshoot account issues and assist users. Communicate effectively with relevant teams to implement changes and resolve problems. Onboard as many accounts as possible into a rotating mode (automatic password changes). Essential Skills & Knowledge: Required: Strong communication and organizational skills. Detail-oriented and structured approach. Basic understanding of CyberArk. Preferred: Some experience with CyberArk (knowing how it looks and works). General technical background related to PAM tools. Knowledge of Linux systems (beneficial but not a must-have). Key Challenges: Ensuring changes are communicated and coordinated with relevant teams to avoid service disruptions (e.g., database restorations). Maintaining 100% uptime of the CyberArk system.

Company Name: Thales
Job Title: Cybersecurity Architect
Job Description: Lieu : Tubize, Belgium Thales people architect solutions at the heart of the defence-security continuum. Interoperable and secure information and telecommunications systems for defence, security, and civil operators, are based upon innovative use of radiocommunications, networks, and cybersecurity. We are ground breaking new digital technologies such as 4G/5G mobile communications, cryptography, cloud computing and big data for use in physical protection systems, and critical information systems. Thales Belgium SA, Belgium competence center of Thales, is a company located on 2 sites, one in Tubize (near Brussels) and the other one in Herstal (near Liège). Thales Belgium, which employs more than 280 collaborators, is specialized in the design, development and supply of critical information systems for customers in the sectors of Defense, Security (including Cyber) and Aerospace. Mission: As part of the Security discipline of the Engineering group of THALES Belgium, the Cybersecurity Architect for Cryptography Projects will be responsible to define systems and solutions with customers, support their development and their integration into their target environment. The Cybersecurity Architect for Cryptography Projects needs to be a technical passionate. Based on their existing background in IT, telecommunication systems and/or cybersecurity, they will be eager to discover new technologies to continuously expand and reinforce their expertise in these fields. They will put their expertise at the service of both the security-centric projects of the Security discipline and the secure-by-design aspects of the projects lead by the other disciplines of the company. Main Responsibilities: Understand and analyse the customer’s needs; Find the best solution and lead the architecture definition to meet the customer requirements; Interface with the customer, for the technical related aspects of the solution; Bring state of the art expertise for their field of expertise, specialty or domain; Take the lead in the system specification and design process, in strong cooperation with all the required technical and non-technical skills involved (e.g. hardware, software, security, quality, maintenance); Lead the Make/Team/Buy decision process and support the subcontractor choice for needed subsystem acquisition; Be in charge of the technical documentation (e.g. High Level Design, Low Level Design, Configuration Documents, User Manuals, Testing plan); Support the teams responsible for the implementation and testing of the solution by providing technical expertise on various aspects of the product under development, ensuring the development goals are met and the traceability from the user requirements to the final tests is maintained. Support the sales and marketing teams by providing internal and external technical pre-sales support for the solutions under the responsibility of the Security discipline. Profile: Engineering degree in Telecommunications and/or Cybersecurity. At least 5 years of professional experience in the conception of cybersecurity solutions such as embedded security systems (Formal requirements writing, design definition, translation into testing activities). At least 3 years of professional experience on at least three of the following topics: System architecture using model-based system engineering methodology. Development and certification under a cybersecurity certification framework such as Common Criteria. Architecture or deployment of cybersecurity solutions in any domain (e.g. firewalls, anti-DDOS, risk management, …). Architecture and troubleshooting of IP networks, including IPv6. Packaging, deployment and/or troubleshooting of Linux in the context of embedded systems. One or more of the following is a strong differentiator: Experience with one or more of the following tools: Capella, Doors, Polarion, Jira, BitBucket, LaTeX. Experience in the design of cryptography-centric solutions. Consulting and advisory experience with demonstrated skills in translating business requirements to technical solutions. Experience with technical and governance constraints related to classified information handling, especially in a crypto-related context. Cybersecurity risk assessment using any standardized methodology, preferably EBIOS. Experience with internal and external knowledge sharing through in-person seminars, webinars and/or whitepapers redaction. Eager to work with multiple, diverse technical integrations, technologies and processing environments. Passion for technologies, continuous education and problem solving. Good communication skills, both verbally and written. Fluent in French or Dutch; fluent in English (professional capacity). Customer satisfaction and results oriented. At Thales we provide CAREERS and not only jobs. With Thales employing 80,000 employees in 68 countries our mobility policy enables thousands of employees each year to develop their careers at home and abroad, in their existing areas of expertise or by branching out into new fields. Together we believe that embracing flexibility is a smarter way of working. Great journeys start here, apply now! Interested? Apply now! Click on the button below to upload your profile and show your interest. Diversity Statement We actively support a working pattern that suits your lifestyle and helps you reach your ambitions. That means that equal opportunities, inclusion and an informal culture are integral to our success. It also means that your well-being and happiness matter to us! That’s why we offer you the flexibility to do what’s important to you; whether that’s part time hours, job sharing, remote working, or the ability to flex your start and finish times.

Company Name: Thales
Job Title: Chief Information Security Officer (CISO)
Job Description: Location: Tubize, Belgium Thales people architect solutions at the heart of the defence-security continuum. Interoperable and secure information and telecommunications systems for defence, security, and civil operators, are based upon innovative use of radiocommunications, networks, and cybersecurity. We are ground breaking new digital technologies such as 4G/5G mobile communications, cryptography, cloud computing and big data for use in physical protection systems, and critical information systems. Thales Belgium SA, Belgium competence center of Thales, is a company located on 2 sites, one in Tubize (near Brussels) and the other one in Herstal (near Liège). Thales Belgium, which employs more than 280 collaborators, is specialized in the design, development and supply of critical information systems for customers in the sectors of Defense, Security (including Cyber) and Aerospace. Position Summary The CISO is responsible for all aspects of information security and cyber security across all of IT including support developing, deploying and maintaining a robust security strategy with solid security policies; protocols and procedures across enterprise security architecture, security operations center, datacenter security, and network security including cloud and applications security with appropriate security measures and initiatives. This role also advises senior leaders and other stakeholders on the further development, implementation and management of a countrywide IT security infrastructure that contains appropriate control objectives for system integrity, availability, reliability, resilience, confidentiality and assurance to company, industry and international standards. CISO Community: engage with and contribute to the group CISO community ; NG role: PO/SO for local security squad Essential Functions / Key Areas Of Responsibility Identifying and prioritizing cybersecurity risks and reporting them to local CIO and EUROPE CISO. Ensure strategic alignment of the region approach to IS/IT Security is compliant with legal and regulatory requirements, Group standards and aligned with business objectives. Ensure security program & plans are in place and actions are implemented to manage the risk of adverse impacts from any external or internal attack on the region IT/IS are reduced to an acceptable level. Ensure appropriate budget and resources are allocated to support the security program at region level Be a member of the Group Information System Security Community – sets and approves IS security policy decisions and exceptions. Ensure security incidents are coordinated and managed with the Central Security body through EUROPE CISO Coordinate regionally under the supervision of the Cert Incident Response Activities. Gain acceptance of proposed security solutions by the various security accrediting bodies within Group CISO Respect Group IS/IT standards and strategy. Review strategies, operational changes and projects to ensure appropriate security controls are applied. Review proposed enterprise architecture strategies and designs to ensure that new risks are not introduced into company, and to suggest changes that may increase functionality and help reduce existing risks. Maintain /Coordinate an understanding of current and emerging security threats that may affect the company now or in the future. Undertake / Coordinate forensic investigations and analysis as required on company computer assets in support of HR led investigations. Liaise with Legal in regards to export control requirements in systems and manage any e-discovery requirements that the company are required to undertake. Undertake governance responsibilities for technology based Defense regulations and policies and report the company state of compliance to the Governmental Boards in charge. Provide regular updates to the CIO and EUROPE CISO regarding achievements, issues and goals Review and ensure the follow up of remediation plans with EUROPE CISO Acts as the first point of contact for internal and external audits. Minimum Requirements: Skills, Experience & Education Bachelors (Masters preferred) Information Technology and/or Information Security (Degree or equivalent). 5+ years of leadership experience overseeing security initiatives in a medium to large enterprise. Obtained one or more of the following certifications: Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Global Information Assurance Certification (GIAC), ISO27001 Lead Implementer; Project Management Professional (PMP/Prince2); or other related certifications. Obtained Cosmic Top Secret (CTS) Security Clearance is a huge asset. Demonstrable experience of emergency preparedness, critical incident management, business continuity and disaster recovery. Experienced with medium to large IT Infrastructure and/or IT security projects, e.g. firewall deployment, NAC implementation, web proxy upgrade etc. Prior experience with information security framework, secure network architecture and design, cloud computing, and secure application architecture/design. Proven experience of leading a multidisciplinary team. Strong working knowledge of information security technologies, markets and vendors including firewall, intrusion detection, assessment and monitoring tools, encryption, certificate authority, and cloud networks. Experienced in developing policies and procedures for identity and access management, security programs, security procedures, security standards, requirement definition, and project management plans. Adept in creating business cases and user cases including the ramification of various system, network and application security decisions and recommendations. Experience in managing IT responses to internal and external audit campaigns Articulate with strong verbal and written communication skills including technical and non-technical audiences. Business proficient in English and French Preferred Qualifications Experienced in working within a centralized/decentralized matrix business environment. Knowledge of SEI’s CMMI model for secure software development. Broad experience of conducting risk assessments including presenting recommendations to c-suite At Thales we provide CAREERS and not only jobs. With Thales employing 80,000 employees in 68 countries our mobility policy enables thousands of employees each year to develop their careers at home and abroad, in their existing areas of expertise or by branching out into new fields. Together we believe that embracing flexibility is a smarter way of working. Great journeys start here, apply now! Interested? Apply now! Click on the button below to upload your profile and show your interest. Diversity Statement We actively support a working pattern that suits your lifestyle and helps you reach your ambitions. That means that equal opportunities, inclusion and an informal culture are ...