Job Description

As a Security Expert, you will play a crucial role in ensuring the security and integrity of our applications and systems by identifying and mitigating potential vulnerabilities and risks.

You will work closely with cross-functional teams to implement and enhance security measures throughout the software development lifecycle.

  • Perform SAST, DAST, and/or SCA assessments on applications, systems, and software components to identify security vulnerabilities, weaknesses, and risks.
  • Collaborate with the central security team to introduce and scale industry-leading security testing tools and methodologies to conduct thorough security assessments.
  • Analyze source code, binaries, runtime behavior, and software dependencies to identify and prioritize security issues.
  • Collaborate with development teams to provide guidance and recommendations for secure coding practices and vulnerability remediation, and to review failed tests and remove false positives.
  • Automate tests where possible, while providing best practices and guardrails to development teams to shift security testing left.
  • Collaborate with the CI/CD team to integrate tooling as much as possible in automated pipelines.
  • Participate in threat modeling activities to identify potential security risks and develop appropriate mitigation strategies.
  • Stay up-to-date with the latest security trends, vulnerabilities, and attack vectors, and provide proactive recommendations to enhance security measures.
  • Collaborate with stakeholders to define and enforce security policies, standards, and best practices.
  • Provide expertise and support during incident response and security investigations.
  • Conduct security awareness training for developers and other relevant stakeholders.
  • Contribute to the development and improvement of security testing frameworks, methodologies, and tools.

Qualifications

  • Proven experience and expertise in performing SAST, DAST, and/or SCA assessments.
  • Strong knowledge of secure coding practices, common vulnerabilities, and attack techniques.
  • Experience with industry-leading security testing tools such as Veracode, Checkmarx, Burp Suite, OWASP ZAP, SonarQube, Black Duck, or similar tools.
  • Familiarity with software development languages, frameworks, and platforms (e.g., Java, .NET, JavaScript, Python, etc.).
  • Understanding of web application architecture, network protocols, and security standards (e.g., OWASP Top 10, CWE, CVSS, etc.).
  • Knowledge of cloud security concepts and technologies (AWS, Azure, GCP) is a plus.
  • Excellent analytical, problem-solving, and communication skills.
  • Relevant certifications such as CISSP, CSSLP, CEH, GWAPT, or equivalent are highly desirable.
  • Experience with GitLab is a bonus.

Additional Information

  • You become part of an organization that values both your professional and personal well-being.
  • We offer a salary that matches your added value as well as your maturity and seniority.
  • You can join a wellness program to support your physical, mental and financial health.
  • You receive an annual training budget, which you can freely spend, including 5 non-billable days to follow your courses.
  • We regularly organize social events for our employees to promote a positive and inclusive work culture.
  • You will be part of a team where you can grow, both professionally and personally.

Interested?

Apply here or contact Joeri El Hazimi ([email protected]).
