Application Security Engineer
YOUR ROLE
As an Application Security Engineer you will play a key role in assessing our Secure Software Development Lifecycle maturity, defining a security roadmap and driving the implementation and improvement of cybersecurity activities.
This is a full-time, permanent role based in the DELMIA R&D Lab in `s-Hertogenbosch, the Netherlands. We expect you to work inside this office for at least 3 days a week.
YOUR RESPONSABILITES:
- Lead our “shift left” security efforts to build security into the software development lifecycle.
- Conduct secure design reviews and threat modeling sessions. Identify and prioritize risks, attack surfaces, and vulnerabilities.
- Be available to conduct security code reviews and advise developers on remediating vulnerabilities and following secure coding practices.
- Take charge of our vulnerability management program. Triage and prioritize vulnerabilities from scans, audits, and bug bounty submissions. Track remediation and validate fixes.
- Research and recommend security tools and technologies to strengthen defenses against emerging threats targeting machine learning systems.
- Develop and document security policies, standards, and playbooks. Conduct security awareness training sessions for engineers.
- Collaborate closely with product engineers and researchers to instill security best practices. Advocate for secure architecture, design, and development.
- Be the main DELMIA Quintiq R&D contact for security related subjects, such as answering questions related to our security development practices, tools and processes.
YOUR QUALIFICATIONS:
- Have 3+ years of hands-on experience in application and infrastructure security, including securing cloud-based and containerized environments.
- Have empathy, collaboration skills, and a learning mindset to be able to work cross-functionally with engineers of all levels towards building security into the product life cycle.
- Be able to use creative and strategic thinking to reduce risks through secure design and simplicity, not just controls.
- Possess broad security knowledge to connect the dots across domains and identify holistic ways to lower the overall attack surface.
- Have the ability to distill complex security concepts into clear actions and drive consensus without direct authority.
- Have a proactive mindset to thread security throughout the product lifecycle through activities like threat modeling, secure code review, and security-related education.
- Have a strong grasp of offensive security to be able to anticipate risks from an adversary's perspective, not just check compliance boxes.
- Have experience with modern application stacks, infrastructure, and security tools to implement pragmatic defenses.
- Be passionate for security fundamentals like least privilege, defense-in-depth, and eliminating complexity that could sub-linearly scale security through smart design.
Inclusion statement
DELMIA contribuye a que los distintos sectores y proveedores de servicios establezcan conexiones entre el mundo virtual y el real de las operaciones globales para renovar el negocio, lograr la excelencia sostenible y ofrecer coordinación a través de redes de valor.
¿Quieres saber más?
Visita otras secciones de nuestra web para obtener más información.
Estudiantes y graduados
¡Forma parte de nuestro futuro! Consulta nuestras ofertas de empleo y oportunidades de prácticas.
El camino hacia la contratación
Infórmate sobre cómo será el camino hacia tu contratación.
Nuestros valores y nuestra cultura
Descubre nuestros valores y nuestra cultura.