Expert Secure Development

COSMOTE GLOBAL SOLUTIONS NV

  • Brussel
  • Vast
  • Voltijds
  • 1 maand geleden
  • Versneld solliciteren
COSMOTE Global Solutions, as a member of OTE Group of Companies, is an ICT Systems Integrator delivering a broad range of ICT Solutions and Services.CGS provides a broad range of ICT Services focusing on: Cloud, Data Centre operations, Networking, Cybersecurity, BI and Data Warehouse, Big Data, Service Desk, Proactive Monitoring, Operations and Support, Service Management, Project and Programme Management, and Professional Services.Responsibilities:
  • Contribute to the design of the overall application security.
  • Define security requirements and derive technical actions targeting the application components and the code base.
  • Draft documentation such as architecture design descriptions, assessment reports and configuration descriptions.
  • Take an active part in developing and improving the application security, and have it understood and implemented by the team.
  • Analyse risks and security policy requirements and propose actions.
  • Vulnerability testing definition of corrective actions.
  • Provide security training and education.
  • Draft security programmes, security plans and propose implementation actions.
  • Design and setup of a secure development lifecycle.
  • Application penetration testing.
  • Participation in meetings with the project teams.
  • Advice on design and development of secure web and multi- tier applications.
  • Give advice on application security matters.
  • Contribute to the IT security risk management process.
  • Coach/ train the colleagues in the software factories on Secure development matters.
Requirements
  • Excellent knowledge of application security.
  • Experience in the security aspect of software development (i.e.: authentication with open id connect SAML or CAS, secure rest or web services, encryption with PKI, authorisation, secrets management)
  • Experience with secure IT development patterns.
  • Understanding of risk assessments
  • Experience in penetration testing and ethical hacking (i.e.: usage of tools like Metasploit, Burpsuite or equivalent).
  • Experience with security test tools (i.e.: Fortify or equivalent) and web site vulnerability scans.
  • Good understanding of the 3rd party dependency security (libraries, container and VM images)
  • Good knowledge of secure development lifecycle
  • Good knowledge of OWASP models, frameworks and guides
  • Good Knowledge of Agile methodology
  • Excellent interpersonal and communication skills.
  • Good redaction skills, experience in preparation of written reports.
  • Ability to animate a community of practice.
  • Capability of integration in an international/multi-cultural environment
  • Security certifications (e.g. CISSP, CISM, OCSP, CSSLP, GWAPT, GWEB) are an asset

COSMOTE GLOBAL SOLUTIONS NV