Application Security Engineer/Senior Engineer

Your new company

International company from the healthcare, medical technologies and products industry.

Your new role

You will act as a member of an Information Security team which is responsible for Application Security strategy, technology, and engineering. You will partner with other members of the global team to implement and mature security capabilities related to modern software development, Artificial Intelligence / Machine Learning, applications built on SaaS (Software as a Service) and Cloud platforms.

You will connect with company software development teams and business unit technology partners to shape practices related to DevSecOps, increase adoption of application security tooling, expand security capability features, ensure timely remediation of risk, and provide subject matter expertise related to securing applications.

Scope of duties:

• Implementing and maturing Application Security capabilities (e.g., DevSecOps, Citizen Development Security, SaaS Security, Artificial Intelligence / Machine Learning Security, etc.)
• Ensure compliance requirements are met through all deployment activities
• Assess new patterns, methods and practices of software development as they arise for enterprise readiness and fitness for purpose
• Provide guidance and consultancy for dev teams
• Drive increased adoption of application security capabilities
• Ensure timely remediation of risk
• Generate and collect metrics proving the value of Application Security capabilities
• Timely reporting of security incidents or significant security problems to appropriate personnel
• Connect with external vendors to ensure best in class implementation of cloud security capabilities
• Act as the point of contact for security issues for their area of influence

What you'll need to succeed

• Bachelor’s degree and 3+ years of experience in the information security or information technology sector
• Good English (spoken and written)
• Experience with Product Ownership
• Experience with Cloud platforms (e.g., AWS, Azure, GCP, etc.)
• Experience with DevSecOps tooling (e.g., Static Application Security Testing, Software Composition Analysis, Dynamic Application Security Test, etc.)
• Knowledge of Artificial Intelligence Security
• Knowledge of common information security management frameworks such as NIST, OWASP, SANS, CIS
• Understanding of the software development process
• Comprehension of container orchestration methods and the opportunities to automate security practices within them
• Knowledge related to API Security and Infrastructure as Code Security
• Good communication and collaboration skills
• Experience working in complex, fast-paced environments

What you'll get in return

• Contract of employment
• Yearly bonus
• International working environment
• Medical, sport, insurance and cultural benefits packages
• English lessons
• Hybrid working model (3 days office, 2 days remote/week)