Application security engineer
Netherlands, Noord-Holland, Amsterdam
Calling all software security heroes!
Software is the cement of our modern civilization. It is everywhere, impossible to ignore, and growing at unprecedented speed. We specialize software security and help engineering teams to ship quality secure products.
Do we match?
We believe no catch-all diploma or certification exists for creative thinkers with a strong hacker mind-set. Our team consists of players with different backgrounds. Software development, electronics, informatics, graphic design, mathematics, and even psychology. Oftentimes, it’s people who have immersed themselves into (software) security out of their intrinsic drive and passion!
You know your way around code and the world of software development. You prefer code reviews over blind blackbox poking. You love to automate the automatable but are also aware of its strong limitations (blind for lots of security vulnerabilities).
You love to work and learn in an informal environment within a team of likeminded colleagues who are enthusiastically engaged in their passion.
What you will do
As an Agile software/application security specialist you will work in our department that builds and operates our new Agile security service/platform. Our teams joint responsibility is to provide our clients (remote development teams) with continuous security feedback on all the things they build and release. To optimize our workflow we have built an online platform with various portals, custom testing tools and integrations to easily report and share our findings and observations.
Your main activities
- Security testing, code reviews, threat modeling.
- Support remote teams in keeping their code/product secure.
- Explain findings to technical and non-technical stakeholders.
- Keep up-to-date with emerging security technologies and practices.
- Proficient in at least one programming language.
- Strong understanding of software vulnerabilities (e.g. OWASP ASVS, SANS Top 25).
- Creative, hacker mindset and an innovative change-oriented attitude.
- Proficient verbal and written communication in English.
- EU citizenship.
- Native Dutch speaker.
- Experience with C# or Java.
- Experience with cloud platforms (Azure, AWS).
- Experience with Static Code Analysis tools (e.g. Semgrep, Roslyn).
- Experience with CI/CD and security automation.
- Experience with appsec training / awareness.
- You like blogging and talking about appsec topics.
- A proper salary based on your experience (55.000-75.000).
- Work and learn in a team of 20+ leading (application) security experts.
- Informal work environment with a lot of experience that everyone likes to share.
- Work from home or our Amsterdam office. You will not be outsourced to clients (secondment).
- Take courses, go to seminars/workshops/conferences and so on. We encourage this.
- Working hour flexibility
Are you interested in this position? Please contact us.
No recruitment agencies please.