Approach Cyber - Application Security Analyst

at  Approach Belgium

Who we are looking for
As an Application Security Analyst, you will integrate our Secure Software Development practice.
Together with our 20 experts, we develop, maintain, support and host Specialized Software. Our expertise is two-fold:
Proposing our expertise to clients’ development teams in securing their Software Development Life Cycle (SSDLC or Secured-SDLC).
Developing highly secured softwares (Security by design) based on customer’s requirments (e.g. itsme - authentication app) ;
In this frame, we are recruiting an Application Security Analyst who will play a key role in our application security services growth over the next few years.
Your role
As an Application Security Analyst your role is to carry out security assessments on applications used by our customers.
Based on the results of the assessment, you will propose security recommendations. These are short-, medium- and long-term solutions that will serve as the basis for building an application security roadmap for the company.
Depending on your qualifications, you may be required to implement these recommendations in terms of processes, tools and developer trainings (security champions, awareness).
Your main contacts at the customer will be the CISOs and their security teams.
Your main tasks will consist of
Assess an existing SDLC (i.e., SAMM Assessment but we stay open to other methodologies we’ll define together),
Give guidance on establishing a secure software development lifecycle (Secure-SDLC / DevSecOps),
Help development teams to integrate application security best practices (e.g. OWASP ASVS), and security tooling/processes in their development pipeline (SAST, DAST, SCA, CVE follow-up, …),
Give training and coaching sessions to new security champions at client.
Participate in presales meetings around application security.
The role will evolve to include the following tasks and responsibilities in the short term, depending on your experience and evolution pace.
You will then bring your energy on Solution Owner responsibilities like
Mentorship and support: Providing guidance and mentorship to team members, especially those in junior positions, will be crucial. Your support will help them navigate complex missions, leading their professional growth and ensuring successful project outcomes.
Technology watch: You will follow new tools, technical evolutions and industry trends, and share your knowledge with the team. This proactive approach will ensure that our offerings remain cutting-edge, relevant, and aligned with our clients’ ever-evolving needs.
Relationships strengthening with our trusted business partners/suppliers: You will be our key representative in application security associations, or during application security events/conferences/meetings.
Asset creation: Developing new assets and methodologies to complement and enhance our solutions will be part of your responsibility. These assets and methodologies will not only increase the efficiency of our solutions but also support and empower your colleagues in delivering high-quality results.
Your profile
You hold a Bachelor or Master degree.
You work for minimum 2 years in applying security to development:
You have an experience in analyzing SDLC environments in terms of security (OWASP SAMM assessment type, Threat modeling, …)
You have already worked with/implemented some of the following tools: sonarqube, CheckMarx, Fortify, webinspect, ZAP, Dependency-Check, Snyk, Veracode, jfrog Xray, Azure DevOps, GitLab, …
You are analytical minded.
You have a natural team spirit, together with project management and presentation skills.
You have good working knowledge of both written and spoken English, and French or Dutch.
Considered as a plus
Hands on experience in development (Java and/or C#)
Kubernetes and containers (Docker)
REST APIs
Experience with security principles and intrusion tools
Mindset
Strong self-motivator and entrepreneurial pro-active attitude
Strong analytical and problem-solving skills
Team player. Excellent communication skills
Ambassador for the professional values that are at the heart of our philosophy: TOP-NOTCH
We strive for best-of-the-best while staying up to date with the latest technology: HUMAN-CENTRIC
We care about people in the digital world, listening before interacting respectfully in a responsible environment: NO-NONSENSE
We go for it, we work together, we are committed to deliver, to exceed expectations.
Our offer
Join a dynamic and fast-growing company in a booming sector
Participate in the development of the company as a co-creator of innovative solutions
Drive ambitious projects from the business needs up to the projects results, leading concrete initiatives while maintaining a holistic view of the project and direct contact with the C-level client sponsor
Develop your career path and add top-level trainings and certifications to your CV
Benefit from an attractive salary package, including a full range of benefits :
Company car and fuel card
Competitive group insurance including pension fund, death, and disability coverage,
Attractive complementary insurances for non-work-related accident and loss of salary in case of sickness, company fully supported contribution
32 days holiday/year (on a fulltime equivalent basis)
Flexible home working policy
Other fringe benefits (meal vouchers, eco vouchers, …)
Fun company events, exclusive team experiences
Contribute to a safer, fairer world for data subjects and citizens, ensure the serenity of great businesses and essential public institutions
Live your values daily in a dynamic, fun and multicultural working environment.
Interested?
Don’t wait and send us your CV and application. Join us in our commitment to deliver cyber serenity and contribute to a safer digital world

Please refer the Job description for details