Security Expert - Belgium
Tasks:
• Contribute to the design of the overall application security.
• Define security requirements and derive technical actions targeting the application components and the code base.
• Draft documentation such as architecture design descriptions, assessment reports and configuration descriptions.
• Take an active part in developing and improving the application security, and have it understood and implemented by the team.
• Analyse risks and security policy requirements and propose actions.
• Vulnerability testing definition of corrective actions.
• Categorize events, incidents and vulnerabilities based on relevance, exposure and impact.
• Provide security training and education.
• Draft security programmes, security plans and propose implementation actions.
Specific expertise and technologies:
• Experience with ISO 27000 family of standards or equivalent security standards implementation.
• Knowledge of ITSRM2 is a plus.
• Excellent knowledge of application security.
• Experience in the security aspect of software development (i.e.: authentication with open id connect SAML or CAS, secure rest or web services,
encryption with PKI, authorisation, secrets management).
• Experience with secure IT development patterns.
• Experience in the security domain
• Understanding of risk assessments
• Experience in penetration testing and ethical hacking (i.e.: usage of tools like Metasploit, Burpsuite or equivalent).
• Experience with security test tools (i.e.: Fortify or equivalent) and web site vulnerability scans.
• Good understanding of the 3rd party dependency security (libraries, container and VM images).
• Knowledge of OWASP.
• Knowledge of Agile methodology.
Certification and/or Standards
• Mandatory certification (one of): Certified Information Systems Security Professional (CISSP),
• Certified Information Security Manager (CISM),
• Certified Ethical Hacker (CEH), Offensive Security
• Certified Professional (OSCP) or equivalent
Skills:
• Experience in coaching and training.
• Excellent interpersonal and communication skills.
• Good redaction skills, experience in preparation of written reports.
• Ability to animate a community of practice.
• Capability of integration in an international/multicultural environment
What can you expect from us?
Mind-blowing workplace culture. You will be integrated in a professional, dynamic and collaborative team.
100% Remote opportunities
We want you to have the flexibility to work where you feel most comfortable and productive.
International Career
You can expect professional growth and to be connect with the world.
We are represented in 2 European countries: Portugal and Belgium.
And with projects in many other countries: Netherlands, Luxembourg, Singapore and in the United States of America (and a lot more is coming…)
Extra Benefits & Perks
If you wish to work with us and you are outside European Union (good news…) we are a Tech Visa Company, We will help!
As a plus, we provide Health and Life Insurance.
Bridge351 is proud to be an equal opportunity employer. We are committed to build a diverse and inclusive culture and celebrate authenticity. We do not discriminate on the basis of race, religion, color, national origin, gender, gender identity, sexual orientation, age, marital status, disability or any other legally protected characteristics.
• Contribute to the design of the overall application security.
• Define security requirements and derive technical actions targeting the application components and the code base.
• Draft documentation such as architecture design descriptions, assessment reports and configuration descriptions.
• Take an active part in developing and improving the application security, and have it understood and implemented by the team.
• Analyse risks and security policy requirements and propose actions.
• Vulnerability testing definition of corrective actions.
• Categorize events, incidents and vulnerabilities based on relevance, exposure and impact.
• Provide security training and education.
• Draft security programmes, security plans and propose implementation actions.
Specific expertise and technologies:
• Experience with ISO 27000 family of standards or equivalent security standards implementation.
• Knowledge of ITSRM2 is a plus.
• Excellent knowledge of application security.
• Experience in the security aspect of software development (i.e.: authentication with open id connect SAML or CAS, secure rest or web services,
encryption with PKI, authorisation, secrets management).
• Experience with secure IT development patterns.
• Experience in the security domain
• Understanding of risk assessments
• Experience in penetration testing and ethical hacking (i.e.: usage of tools like Metasploit, Burpsuite or equivalent).
• Experience with security test tools (i.e.: Fortify or equivalent) and web site vulnerability scans.
• Good understanding of the 3rd party dependency security (libraries, container and VM images).
• Knowledge of OWASP.
• Knowledge of Agile methodology.
Certification and/or Standards
• Mandatory certification (one of): Certified Information Systems Security Professional (CISSP),
• Certified Information Security Manager (CISM),
• Certified Ethical Hacker (CEH), Offensive Security
• Certified Professional (OSCP) or equivalent
Skills:
• Experience in coaching and training.
• Excellent interpersonal and communication skills.
• Good redaction skills, experience in preparation of written reports.
• Ability to animate a community of practice.
• Capability of integration in an international/multicultural environment
What can you expect from us?
Mind-blowing workplace culture. You will be integrated in a professional, dynamic and collaborative team.
100% Remote opportunities
We want you to have the flexibility to work where you feel most comfortable and productive.
International Career
You can expect professional growth and to be connect with the world.
We are represented in 2 European countries: Portugal and Belgium.
And with projects in many other countries: Netherlands, Luxembourg, Singapore and in the United States of America (and a lot more is coming…)
Extra Benefits & Perks
If you wish to work with us and you are outside European Union (good news…) we are a Tech Visa Company, We will help!
As a plus, we provide Health and Life Insurance.
Bridge351 is proud to be an equal opportunity employer. We are committed to build a diverse and inclusive culture and celebrate authenticity. We do not discriminate on the basis of race, religion, color, national origin, gender, gender identity, sexual orientation, age, marital status, disability or any other legally protected characteristics.