Senior Security Engineer – DevSecOps

Herstal, Walloon Region, Belgium

Full Time Mid-level / Intermediate EUR 70K - 131K *

NRB Group

NRB est le plus important groupe IT en Belgique. Nous proposons des services et des solutions informatiques innovantes et de la plus haute qualité.

View all jobs at NRB Group

Apply now Apply later

Posted 8 hours ago

Looking for a change? New challenges?

Want to boost your career towards a(n) Senior Security Engineer – DevSecOps role?

Join our Cybersecurity team at NRB!

The NRB group is currently one of the market leaders in Belgium. We offer information technology services to meet the demands of all IT needs: infrastructure & cloud, software development and consultancy & managed staffing.

More information: https://www.nrb.be/

WHY NRB?

We care about you

Are you interested in working in a pleasant atmosphere with the possibility of regularly working from home? Yes, that’s how it works with us!

We invest in your future

Do you want to evolve within your job function or change horizons? It’s possible!

Requirements

THE BACKGROUND

Need for reinforcement

YOUR MISSION

As a(n) Senior Security Engineer – DevSecOps, your mission will be to develop a robust DevSecOps philosophy at NRB.

Your responsibilities will be as follows:

Integrate security practices into the DevOps lifecycle to ensure secure development, deployment, and operation of software.

Collaborate with development, operations, and security teams to develop, implement, and improve security measures.

Conduct security assessments and provide actionable recommendations to enhance our security posture.

Stay informed on the latest security trends, technologies, and best practices.

Implement automated security checks in CI/CD pipelines.

Conduct threat modeling of applications, including analyzing and assessing security risks.

Train and mentor other team members on DevSecOps best practices and procedures.

Administer, configure, and fine-tune security tools and systems to ensure an optimal security posture.

Monitor and ensure service continuity, intervening as necessary to restore functionality.

Perform log analysis, forensic investigations, and root cause analysis.

YOUR TEAM

You will be joining the Cybersecurity team, whose mission is to provide an agile and cross-functional cybersecurity service to both NRB and its customers, in order to protect them and prevent security attacks, and if any to limit their consequences as much as possible.

The team comprises 21 people (professions, job functions, experts in, …) and is part of the Cybersecurity department.

You will be coached and mentored by Lorenzo Bernardi, your direct manager. Discover his profile on Linkedin.

OUR OFFER

A(n) Senior Security Engineer – DevSecOps job function: rich in responsibilities and challenges

A team of enthusiastic, professional colleagues in which there is an excellent atmosphere and where expertise is shared

Tools and infrastructure that are consistently at the forefront of innovation

Personalised career support to help you with your development

Many training opportunities and certifications

A company with a friendly working atmosphere which is dynamic and oriented towards innovation.

Fun times – a food truck, barbecue, after-work events, family day!

Complete salary package

Teleworking opportunities (up to 3 days a week)

Requirements

YOUR PROFILE

Minimum of 5 years of experience in DevSecOps or a related field.

Experience integrating security practices within a DevOps environment.

Knowledgeable in handling various types of security incidents, including threat modeling, security automation, and application security.

Experience with security tools like SAST, DAST, dependency checkers, and SIEM.

Strong understanding of network protocols, security architecture, and cloud security (AWS, Azure, or GCP).

Proficiency in scripting and programming languages (e.g., Python, Shell) for automation.

Experience with CI/CD tools (e.g., Jenkins, GitLab CI/CD) and container orchestration (e.g., Kubernetes, Docker).

Strong analytical skills with the ability to quickly assess and remediate security vulnerabilities.

Excellent communication and interpersonal skills to work effectively with cross-functional teams.

Technical knowledge mastered or to be developed together:

Technical knowledge mastered or to be developed together:

Preferred Certifications:

GCIH

CISSP

CISM

OSCP

AWS Certified Security - Specialty

Azure Security Engineer Associate

Soft skills:

Communication Skills: Ability to convey complex technical information clearly and effectively to both technical and non-technical stakeholders.

Problem-Solving: Strong analytical skills to identify, diagnose, and resolve security incidents efficiently.

Attention to Detail: Keen eye to identify and analyze the small details that could indicate potential vulnerabilities or threats.

Stress Management: Ability to remain calm and focused under pressure, particularly during high-stakes incidents or breaches.

Teamwork and Collaboration: Ability to work cooperatively with other team members, departments, and external entities during incidents.

Critical Thinking: Ability to think logically and critically to evaluate threats, develop mitigation strategies, and improve incident response processes.

Adaptability: Ability to swiftly adapt to changing threat landscapes and respond to live incidents dynamically.

Time Management: Effective prioritization and organization of tasks to handle multiple incidents simultaneously and meet tight deadlines.

Leadership: Ability to lead incident response efforts, guide team members, and manage the incident response lifecycle.

Empathy and Emotional Intelligence: Understanding and managing one's own emotions and those of others, especially during stressful situations to maintain a positive and productive work environment.