Home
Jobs
BNP Paribas
Junior Application Security Expert - Region Brussels

Junior Application Security Expert - Region Brussels

Hybrid

Uccle, Belgium

Full Time

04-04-2025

Share this job:

Score my CV Apply

Job Specifications

YOUR JOB IN A NUTSHELL

Are you enthusiastic about safeguarding the digital landscape from evolving cyber threats? Thrive on the challenge of outsmarting cybercriminals? As a Junior Application Security Expert you'll play a vital role in securing our customers, employees, data and ensuring system integrity.

AND IN DETAIL

At BNP Paribas Fortis, our Security center of expertise is dedicated to ensuring the security and integrity of our applications and IT infrastructure. Join our team of experienced professionals who are shaping the future of cybersecurity in the banking sector!

You'll be working closely with our development teams to identify and mitigate security vulnerabilities, and collaborating with experts in the field to stay up-to-date with the latest threats and technologies. Whether it's conducting penetration testing, analyzing security risks, or developing secure coding practices, you'll be at the forefront of our efforts to protect our customers' sensitive information and maintain the trust of our stakeholders.

As Our Application Security Expert, You Will Be a

Secure Development Coach: Collaborate with software development squads to integrate security best practices into their development workflows, ensuring that security is built into every stage of the software development lifecycle.
DevSecOps toolchain Specialist: Design, implement and manage the technical infrastructure that supports our automated security testing and vulnerability management capabilities, including code reviews, open source library evaluations, and container security scanning.
Vulnerability Hunter: Use our static code analysis tool to identify and analyze security defects and vulnerabilities in banking applications, and work with development teams to prioritize and remediate findings.
Security Policy Guru: Develop, maintain and update security policies and configurations across various security toolings, ensuring that our security controls are aligned with industry best practices and regulatory requirements.
Security Insights Analyst: Provide actionable security insights and reporting to stakeholders, helping to ensure that everyone has a clear understanding of the security posture of our applications.
Security Thought Leader: Stay up-to-date with emerging security trends and technologies, and develop guidance and training materials to help development teams stay ahead of the curve.
Security Innovator: Contribute to initiatives that improve our application security and vulnerability management capabilities.

YOUR TALENTS AND COMPETENCES

You have a good understanding of security aspects related to software development with a big drive to become a senior security expert in the next years.
Your interaction skills allow you to understand and explain the security issues to developers.
Experience in code review and penetration testing is a plus.
You have experience in distributed development (Java).
Your English is fluent. A knowledge of French or Dutch is a plus.
You are a Master in IT (at preference a Master in Cyber security), IT Engineering or equivalent.

What We Have To Offer

OUR IMPACT

As a company, we implement concrete and sustainable solutions to reduce our environmental footprint, such as saving paper and resources, recycling our waste, encouraging the use of green transport, buildings that are designed and managed to limit our impact, etc.

YOUR CAREER PERSPECTIVES

The departments that make up BNP Paribas Fortis cover a wide range of activities. You will therefore have many opportunities for “horizontal” and “vertical” career development.

OUR OFFER

You’ll enjoy a permanent contract with an attractive salary package. You'll be working at our Brussels headquarters, just a short stroll from the railway station.

We support your work-life balance by offering a mixture of in-person and remote work, among other things.

OUR ENGAGEMENT

At BNP Paribas Fortis, we want to attract and retain all talent, whatever their gender, age, background or sexual orientation, and irrespective of whether they are living with a disability, as every person has their own experiences and their own identity. All of our full-time vacancies are also open to candidates wishing to work on an 80% or 90% full-time equivalent basis.

TEMPTED BY THE CHALLENGE?

A first selection is made based on your CV and motivation letter. Are we convinced that you are the right candidate? Then we will contact you.

Good luck!

Is this position not for you, but do you know someone who is cut out for this job? Feel free to share it with friends and family!

About the Company

BNP Paribas is a leading bank in Europe with an international reach. It has a presence in 65 countries, with more than 190,000 employees, including more than 145,000 in Europe. BNP Paribas holds leading positions in its three major operating divisions: Commercial, Personal Banking & Services for all the Group’s retail banking networks and several specialised businesses, including BNP Paribas Personal Finance and Arval; Investment & Protection Services for savings, investment and protection solutions; Corporate & Instit... Know more

Related Jobs

Company Name: AlmavivA de Belgique
Job Title: PEP- Security Specialist-18/04/25
Job Description: Nature Of The Tasks Advises the IT Units in any area and domain related to information and IT security, in close collaboration with the LISO. The security expertise can range from policymaking to operational control, architectural design, training, products and technology knowledge with concern for their updating and maintenance. Assists DG TAXUD in monitoring and coordinating information security and IT security issues, acting as a facilitator to align all efforts towards project objectives. Translates security requirements into technical requirements and architecture design. Verifies compliance of DG TAXUD’s information and information systems with the Commission’s security policy. Assesses the performance of the contractors in the implementation of DG TAXUD’s security requirements. Reviews the quality and conformance of the technical deliverables (specification, software, documentation, security plans) and services with a focus on security and continuity. Monitors the operations and advises on business continuity and disaster recovery. Assists DG TAXUD in the definition of its Information Systems Security Management (ISSM). Clarifies security issues and prevent potential security incidents. Performs technical security assessments and studies. Proposes technical solutions in security-related areas (i.e. privileged identity management, firewalls, vulnerability management). Conducts security assessments and vulnerability scans to identify and mitigate risks. Ensures compliance with industry standards and regulations (e.g., GDPR, HIPAA). Collaborates with development and operations teams to integrate security into the DevSecOps pipeline. Responds to security incidents and provide recommendations for improvements. Ensures the necessary security requirements are complied with from the perspective of data sovereignty, cybersecurity, availability, confidentiality, integrity, etc. Identifies and proposes mitigation actions to avoid security incidents. Ensures technical aspects of the design, implementation, and operations are aligned with security principles, requirements, and expectations. Supports procurement and contract management activities from a security perspective. Reports on the status, risks, and mitigation actions in this respect. Specifically for cloud: o Develops and implements security strategies to protect cloud-based systems and data. o Follows up and coordinates all efforts on design, implementation, and operations of a cloud solution from a security perspective Level:Senior Delivery Mode: Near Site (Brussels) EQF Level 6 in Information Security, Cybersecurity, Computer Science, or a related field.

Company Name: Spektrum
Job Title: Cybersecurity Change Management Specialist
Job Description: Spektrum have a wide range of exciting opportunities in several global locations. We are always looking to add great new talent to our team and look forward to hearing from you. Spektrum supports apex purchasers (NATO, UN, EU, and National Government and Defence) and their Tier 1 supplier ecosystem with a wide range of specialist services. We provide our clients with professional services, specialised aerospace and defence sales, delivery, and operational subject matter expertise. We are looking for personnel to join our team and support key client projects. Who We Are Supporting The NATO Communication and Information Agency (NCIA) is responsible for providing secure and effective communications and information technology (IT) services to NATO's member countries and its partners. The agency was established in 2012 and is headquartered in Brussels, Belgium. The NCIA provides a wide range of services, including: Cyber Security: The NCIA provides advanced cybersecurity solutions to protect NATO's communication networks and information systems against cyber threats. Command and Control Systems: The NCIA develops and maintains the systems used by NATO's military commanders to plan and execute operations. Satellite Communications: The NCIA provides satellite communications services to enable secure and reliable communications between NATO forces. Electronic Warfare: The NCIA provides electronic warfare services to support NATO's mission to detect, deny, and defeat threats to its communication networks. Information Management: The NCIA manages NATO's information technology infrastructure, including its databases, applications, and servers. Overall, the NCIA plays a critical role in ensuring the security and effectiveness of NATO's communication and information technology capabilities. The program Assistance and Advisory Service (AAS) The NATO Communications and Information Agency (NCI Agency) is NATO’s principal C3 capability deliverer and CIS service provider. It provides, maintains and defends the NATO enterprise-wide information technology infrastructure to enable Allies to consult together under Article IV, and, when required, stand together in the face of attack under Article V. To provide these critical services, in the modern evolving dynamic environment the NCI Agency needs to build and maintain high performance-engaged workforce. The NCI Agency workforce strategically consists of three major categorise's: NATO International Civilians (NIC)'s, Military (Mil), and Interim Workforce Consultants (IWC)'s. The IWCs are a critical part of the overall NCI Agency workforce and make up approximately 15 percent of the total workforce. Role Background The NATO Cyber Security Centre (NCSC) is a team of over 200 members working to monitor and protect NATO networks. In the NCSC’s role to deliver robust security services to the NATO Enterprise and NATO Allied Operations and Missions (AOM), the centre executes a portfolio of programmes and projects around 219 MEUR euros per year, in order to uplift and enhance critical cyber security services. Mission The NCSC Service Delivery Support Section (SDSS) is dedicated to centralizing the coordination of cyber security services delivery in a matrix organizational environment. Our mission is to orchestrate the entire service lifecycle, ensuring that services align to and follow enterprise strategy, policy, and directives established by the NCI Agency management, Chief Operating Officer, Chief Service Operations, Chief Technology Officer, Finance and Acquisition departments. We work closely with Service Area Owners and Service Delivery Managers to enable standardized and effective service delivery. In order to execute this work, the NCI Agency requires support with the work undertaken by the NATO Cyber Security Centre (NCSC) in the area of Communications and Information System (CIS) security and cyber defence. This Statement of Work (SoW) specifies the required skillset and experience. Our vision at the NCSC Service Delivery Support Section (SDSS) is to become the central coordination point for cyber security service delivery, enabling seamless and transparent end-to-end delivery of services to our customers. We will achieve this by operating in and leading three core areas that are detrimental for quality service delivery: Service Design, Service Transition, and Service Operations. These areas leads will guide the Service Area Owners and Service Delivery Managers, provide advice and ad-hoc support with their challenges in Service Management. SDSS will also act a single source of truth in Service Delivery metrics and quality, and will provide centralized and coordinated responses to enterprise-level inquiries and reporting requirements. Role Duties And Responsibilities Daily Service Requests review The purpose of daily service requests review is to monitor all incoming Change Requests as well as Service Requests that do not meet the criteria of the pre-approved “Standard Changes” and re-direct them through the Change Management process. The personnel will: Support the team by routinely reviewing the tickets queue to ensure 4 hours response time Multi-channel support (phone, email, internal chat) for change reporting Develop and maintain a change and configuration management dashboard to reflect up-to-date change status at all times Provide regular reporting on change and configuration management performance Escalate critical requests to appropriate channels within 4 hours Technical Review Board The personnel will: Provide meeting minutes The primary purpose of TRBs is to ensure that all Change Requests are properly prepared (investigated, evaluated and risk assessed) for consideration by the D-CAB based on input from all stakeholders who have a vested interest in the Change Requests. Change Manager is expected to lead the meetings and should have sufficient knowledge in Hardware, Systems, Networks, and Cyber Security Tools. Release and Governance Board The personnel will: Provide meeting minutes The primary purpose RGBs is to control the Release and Deployment of all CRs approved by the D-CAB. The RGB maintains the scheduling for deployment, cutover and testing of the CRs to ensure the correct implementation of the changes and verify that implementation has not caused any regression of other services, and report them to the D-CAB. Should RGB would not be required or applicable for the week TRB may replace the activity. Domain Change Advisory Board The personnel will: Provide meeting minutes of analysis of change request monitoring and analysis of events across the Client's networks Internal Change Advisory Board that is chaired by Infrastructure Branch Head to make an informed decision on the Change Manager outputs (assessment, compliance, risk, recommendation). Ad-hoc SME support sessions The personnel will: Attend the meeting with various stakeholders and senior decisions-making staff Create reports that ...

Company Name: ITS Group Benelux
Job Title: Information Systems Security Officer
Job Description: About Us : For more than 25 years, ITS Group has been a French ESN specializing in digital transformation, employing around 1,400 employees across 8 agencies in France and 1 in Belgium. Our expertise: IT infrastructure & operations, cloud & managed services, mobility, workstations & networks, strategy, consulting & AMO, cybersecurity, development of business applications. ITS Group places its CSR commitment at the heart of its concerns by developing sustainable and responsible digital technology and by promoting the professional and personal development of its employees. Find out more: www.itsgroup.com About the Job : For Freelance & Consultancy Great assignments await you with our key account clients in rich and varied environments We are looking for an Information Systems Security Officer to join our team and support cybersecurity operations across a range of environments. The selected professional will contribute to the protection and resilience of IT and OT systems, working alongside an international team of security specialists. You will conduct security assessments and penetration testing, support audit activities, and assist in incident detection and response. You will oversee vulnerability and patch management processes, ensuring timely risk mitigation and system hardening. You will coordinate lifecycle and obsolescence planning to maintain secure, up-to-date infrastructure. You will manage firewall configurations and remote access solutions, ensuring secure and compliant connectivity. You will contribute to identity and access management, support secure application practices, and enforce user access controls. You will support awareness initiatives, deliver security training, and assist in cyber crisis response and business continuity efforts. You have the following skills We`re looking for someone with a strong technical foundation and a genuine interest in cybersecurity. Ideally, you bring: A degree in IT, cybersecurity, engineering, or a related field. 2–3 years of experience in cybersecurity or a closely related function. Solid knowledge of IT systems and security principles. Interest or hands-on experience in OT/ICS environments is a strong plus. Familiarity with industry standards (ISO 27001, IEC 62443, NIST, etc.). Relevant certifications such as CISSP or ISO 27001 are considered assets. In addition to technical qualifications, success in this role requires a proactive and collaborative mindset. We value individuals who: Are curious, eager to learn, and take initiative. Can work independently while contributing effectively to a team. Thrive in a multicultural and international environment. Are open to occasional travel within and beyond Europe. Communicate fluently in English; other languages (e.g., French, Dutch) are a plus. Fourchette de salaire : entre 45 K€ et 50 K€ About You : You have at least 3-5 of professional experiences in IT If you are at least fluent in FR/ENG or NL/ENG it’s best You’re eager to learn, motivated and curious Let’s have a chat ! About the Process : 1st pre-screening on the phone to discuss about your search and conditions and our first potential opportunities matching. Job descriptions sent and Teams meeting fixed with us (HR and Sales) to dig into your experience and the role. Package proposal so we all agree beforehand. Your CV is sent to the different clients you’ve agreed to, to find the best mission for you! Advantages : Hospitalization insurance (partner/children incl.) Group insurance Dental insurance (partner/children included) 20 days statutory paid vacations (legal vacations cumulated for 1 year of work) 11 days recovery time work 38/40 per year (= annual average: 1 day per 20 days worked) if the client asks you to work 8h/day Representation fee net per month. Internet fee of € 40 per month. Company car with national fuel card OR Public transport reimbursed OR mobility package. Daily fee of 5.50€ net /day provided. Subscription GSM unlimited calls for Belgium (ITS subscription) Training plan (e-learning - certification at ITS charge) Extra advantages: Being a rather small team in BE (6 in back-office), we’re very close to each of our consultants and we differentiate ourselves trying to really take care of you and make you grow with us and within our different clients. Regular follow-up (every 3 to 6months depending on your needs/will) Regular teambuilding to meet-up and have fun (every 3 months more or less) Flexibility and trust Benefits of still being part to a bigger group (ITS Group) and having access to resources and of a larger team of Experts Co-optation system because sharing is caring!

Company Name: Jan De Nul Group
Job Title: System Engineer Network & Security
Job Description: Your Work Context For this position, fluent knowledge of the Dutch language is a prerequisite. Jan De Nul Group ensures innovation and challenges. Our ICT team also does, of course. The team creates, maintains and supports the ICT infrastructure and ICT applications that are used on board of the vessels, at the sites and in the offices. Through professional ICT solutions we offer a pleasant and stable working environment to all end users. Together we make the difference! Your Role As System Engineer Network & Security, you are responsible for the design, installation and configuration of the global network and security infrastructure. Your tasks and responsibilities are: Managing WAN, firewalls, security perimeter and switches. Defining projects which you realise on your own, together with colleagues or in collaboration with suppliers. Determining the concepts and standards of the environment in compliance with the vision and strategy of the company. Functioning as final internal link in the support process of the ICT department. Assisting in building a powerful and stable IT environment. What do you need to have? As System Engineer you hold an ICT oriented Bachelor degree and have at least five years of relevant experience. You are familiar with network technology and routing protocols. You work methodically and in function of a project. You have knowledge of the appointed technology field: Switches/routers (Cisco, Aruba), Firewalls (Fortinet, Palo Alto), F5, SSL Encryption, VPN en Monitoring. Finally you have notions of ITIL and ITSM-tools. You have a good knowledge of Dutch and English. You work locally from within our IT organization located in Hofstade / Aalst. You can count on a competitive salary and extra-legal package including the possibility to lease a company car. Working at Jan De Nul Working at Jan De Nul means helping to find solutions to some of the biggest challenges of our time: from energy transition to rising sea levels to smart mobility. It means learning and working together every day, with the aim of ensuring the global quality of life for generations to come. What We Offer An ongoing training programme through our JDN Academy. The opportunity to exercise at work through our FIT programme. A permanent contract with 42 paid holidays (20 statutory, 12 ADV and 10 public holidays). A healthy work-life balance (flexible working hours and occasional work from home). A competitive salary with thirteenth month and double holiday pay, including: Meal vouchers and eco vouchers Opportunity to participate in the Flex Reward programme, including bicycle and car leasing, including fuel card or charging pass in Belgium. Group and hospitalisation insurance Option of iPhone with data subscription Various staff discounts applicable with Belgian contract. The World Becomes What You Make Of It Jan De Nul is shaping water and land worldwide. We drive the transition to renewable energy with offshore energy infrastructure. We focus on nature-inclusive dredging solutions to build ports and protect our coastline. We develop innovative construction projects for smart mobility and sustainable buildings. And we redevelop our planet by giving polluted sites a new purpose. At Jan De Nul, the world becomes what you make of it. Jan De Nul Group promotes diversity and inclusion in the workplace. We are an equal opportunities and anti-discrimination employer. Teams Information Technology systeembeheerder;system engineer;ICT;servers;netwerk;network;security;VMware;vSphere;cloud;Aruba;firewall;Palo Alto;systeembeheer;SSL;VPN