Located in Lille, Lyon, Nantes, Grenoble, and Brussels, Insitoo Freelances is an entity of Insitoo Group, specialized in Freelances sourcing and supplying.Since 2007, Insitoo Freelances has been a reference in IT thanks to its expertise, transparency, and proximity . We are looking for an Application Security Engineer for our client in Zaventem.

Telework/onsite policy : Once mutual confidence levels are established, a maximum of 2 days per week of remote working can be authorized.

Responsibilities :
You will work closely with IT Development and Applications Team and also with the Infrastructure Team to integrate security into CI/CD pipelines, perform application security reviews, and remediate vulnerabilities directly at code or configuration level. You will receive priority list to work on from the Cybersecurity Team.  

This is a technical, practitioner role: you will analyze vulnerabilities, fix issues in applications, and help development teams build secure software by design.

If you enjoy working at the intersection of security, engineering, and DevOps, this role is for you.

You will be in charge of  taking action after triage to remediate application vulnerabilities (SAST/DAST/SCA findings – coming either from already existing tools or processes for the most part, or  you will be in charge of implementing some of the tools to detect vulnerabilities).

You will also perform secure code reviews and architecture security assessments.

In order you will: 

• Resolve vulnerability issues and conflicts related to application code, libraries and dependencies

• Help reduce technical debt and improve overall application security maturity through contributions to decision making process on vulnerability remediation and clarify options

• reduce technical debt and improve overall application security maturity

• Integrate security tooling into CI/CD pipelines (DevSecOps)

• Support development teams with secure coding practices

• Participate in threat modeling and security design reviews

You will focus on application security – however you will need to closely cooperate with your counterpart security engineers in charge of patch and vulnerability treatment at OS level. 

Expected skills and experience :

• Modern CI/CD pipelines (GitLab,  DevOps Kubernetes/Docker)

• SAST / DAST / SCA tools (e.g. Qualys, Pentest reports,  etc.)

• Enterprise application stacks (Java, JavaScript/Node.js, TypeScript,  Angular or similar et possible .NET, Python)

• Local DC environment

• OWASP Top 10 and secure coding frameworks

Languages :

• English – Fluent

• French – Professional

Interested by this opportunity ?

Do you have significant experience as an Application security engineer ?

Are you rigorous, methodical, organized, and able to demonstrate autonomy and reactivity?
Do you master the technical perimeters mentioned with the adequate levels
Do you enjoy evolving in an environment where autonomy, initiative-taking, sharing, and teamwork drive collective success?
Do you think your profile might match our client’s needs?

Don’t wait any longer to submit your application; our Business Engineers will be happy to tell you more!

To stay updated on Insitoo news, subscribe to our LinkedIn page!