Application Security Specialist

Job Title

Job Description

About Signify

Through bold discovery and cutting-edge innovation, we lead an industry that is vital for the future of our planet: lighting. Through our leadership in connected lighting and the Internet of Things, we're breaking new ground in data analytics, AI, and smart solutions for homes, offices, cities, and beyond.

At Signify, you can shape tomorrow by building on our incredible 125+ year legacy while working toward even bolder sustainability goals. Our culture of continuous learning, creativity, and commitment to diversity and inclusion empowers you to grow your skills and career.

Join us, and together, we’ll transform our industry, making a lasting difference for brighter lives and a better world. You light the way.  

More about the role

This is an exciting job opportunity for you to light the way as a Application Security Specialist in Eindhoven with Signify.

Connected lighting products are not only devices, but systems and services, hence data. As such, they are exposed to threats coming from cyber space with greater impact.

One of the most critical prerequisites for our success is ensuring the security of our offerings and related information end-to-end. The speed of innovation has increased drastically, and the scope of product security has been expanded: from electronics components (hardware) only, to software, communications and information technology, engineering systems and data analytics.

If you are an experienced and motivated Application Security Specialist looking for an opportunity to work in the forefront of the lighting industry, become part of a team of seasoned security experts and want to make a strong impact on the transformation of a global leading company, we want to talk to you about joining our Product Security Center of Excellence!

Your main responsibilities

As Application Security & Tooling Specialist, you are responsible for defining, implementing and managing the security toolset with which we protect our Software Applications, improving the organization, policies, procedures, technology and tools which assure the security of the ecosystem of our products: from innovation till the end of life, providing guidance and support to the Development teams as well as the Cloud Center of Excellence that is responsible for the operations of the connected systems.

Your primary focus is to

• Define and deploy the Application Security Strategy for security improvements to be in pair with the industry and its benchmarks

• Drive the implementation of the strategy to secure our applications for our connected lighting systems.

• Provide support/guidance in resolution of problems, implementation of changes, ensure proper security of applications in Signify products, systems and services.

• Provide technical security guidance to the Development and operation teams.

• Coordinate and perform security & vulnerability assessments, code reviews, pen tests and verifications, and drives remediation.

• Identify, assess, and manage risks to meet the security needs of the organization.

• Identify opportunities for Security Awareness training and improvements within your area of responsibility and propose a set of actions to address lagging user Security behaviors.

• Support security projects/programs to implement selected Security solutions, both as process/performance improvements and new capabilities.

• Drive enhancements of Business security tools like SCA, SAST and credential management, support the integration of the tools in SDLC/DevSecOps and assure the correct use.

• Execute and support the development of the department strategy in the Product Security competency area.

• Act as a trend watcher, leveraging external ideas, know-how, business partners, and suppliers, with the objective to enhance Business’s Application security.

More about you

While we value and appreciate all applicants, we believe that the following experience and skills will be needed to shine brightly in this job opening:

• A hands-on, experienced security professional having at least 5+ years proven track record in application security

• Extensive technical experience in security tooling and secure software development, for firmware, mobile and web applications.

• Experience in vulnerability, risk and incident management

• Knowledge of tools, technologies and methods in the field of application security

• In-depth knowledge and understanding of relevant compliance requirements, like ISO27001 and IEC62443.

• CSSLP (Certified Software Security Lifecycle Professional) or similar certification in information security is a plus.

• Communication skills: writing and presentation skills must be excellent. Ability to communicate effectively with a variety of stakeholders.

• Language skills: English is a must.

• High level of integrity

We would like it if you have experience with:

• IoT devices
• Aqua Software Supply Chain Security
• WhiteSource/Mend
• SonarQube
• Coverity
• BitBucket
• Jenkins
• AWS
• Java frameworks
• Python

Your Team

You will report directly to the Product Security Lead and work closely together with the Product Security Architects, Specialists and Engineers in the Product Security of Excellence of Professional Business.

Your Location

The main working location will be High Tech Campus in Eindhoven, but you will also be working remotely.

Everything we’ll do for you

You can grow a lasting career here. We’ll encourage you, support you, and challenge you. We’ll help you learn and progress in a way that’s right for you, with coaching and mentoring along the way. We’ll listen to you too, because we see and value every one of our 30,000+ people.

We believe that a diverse and inclusive workplace fosters creativity, innovation, and a full spectrum of bright ideas. With a global workforce representing 99 nationalities, we are dedicated to creating an inclusive environment where every voice is heard and valued, helping us all achieve more together.

Come join us, and together we can light the way.