Application Security Engineer
Amsterdam
Applications have closed
Backbase
Backbase provides the leading Engagement Banking platform that empowers banks and other financial institutions to accelerate their digital transformation.The Job in short
As a Senior Application Security Engineer you’ll be part of the team of Security Engineers working to ensure we build and maintain secure software that is used by millions of users around the globe. You have a hacker mindset and always strive to think like an attacker.
Meet the job
Your core responsibility is to analyse the software from a security perspective, and to identify and resolve security issues. Your input helps to improve the secure SDLC with its tools and processes. You validate that application security requirements have been met. You have expert understanding of application security and application security vulnerabilities. You provide guidance and workshops to developers and QA engineers on secure coding, security testing and working with security tools. You perform security code reviews and suggest improvements to development teams.
You will work closely with the product development teams as well as the customer success teams who take part in implementation projects. You thrive working with colleagues from multiple cultures. You mentor new team members and act as the go-to person for security in your area.
How about you
● 3+ years of experience in application security;
● Bachelor's degree in Computer Science, Information Security, Cyber Security or equivalent;
● English language on a professional level, written and spoken;
● One or more security certifications such as CSSLP, CISSP, GWEB;
● Deep understanding of application security;
● Expert understanding of security in the SDLC and SAST/SCA/DAST tools;
● Good understanding of frontend, backend and mobile security domains and you’re an expert in one of them;
● Good understanding of pen testing web applications or mobile applications;
● Contributing to application security requirements for the product;
● Security verification of web applications or mobile apps using OWASP ASVS/M-ASVS and testing guides;
● Deep understanding of DevOps and Agile product development;
● Good understanding of relevant regulations such as GDPR and PCI-DSS;
● Good understanding of cloud native technologies such as Kubernetes.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Application security CISSP Cloud Computer Science DAST DevOps GDPR Kubernetes Mobile security OWASP Pentesting SAST SDLC Vulnerabilities
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.