ABOUT

A prominent provider of business mobility solutions is seeking a Security Officer – DevSecOps to strengthen its IT security framework. With operations spanning multiple regions, this organization focuses on delivering sustainable and efficient mobility services. The IT department plays a crucial role in developing and maintaining security solutions for various business entities, ensuring compliance and resilience in an evolving digital landscape.

REQUIRED QUALIFICATIONS AND EXPERIENCE

• Certification in CISSP, CISM, or CISA (CCSP or equivalent is a plus).
• Strong background in application and operational security.
• Hands-on experience with security technologies such as IAM, VPN, threat modeling, DDoS protection, and firewalls.
• Familiarity with cloud security frameworks (e.g., Azure, Oracle Cloud Infrastructure).
• Proven ability to implement security policies in complex IT environments.
• Expertise in securing CI/CD pipelines using tools such as SonarQube, Contrast Assess, or GitHub Advanced Security.
• Experience with ISO 27001, NIST, or IEC 62443 frameworks.
• Strong problem-solving skills and a structured approach to security challenges.
• Excellent communication skills in English and Dutch (German is a plus).

PREFERRED COMPETENCIES

• Proactive and solution-driven mindset.
• Ability to collaborate across technical and business teams.
• Strong organizational skills with attention to detail.
• Adaptability in fast-paced and complex environments.
  Relevant terms: Information Security, Cybersecurity, DevSecOps, Security by Design, Threat Modeling, Risk Management, Vulnerability Assessment, Penetration Testing, Compliance, Security Policies, ISO 27001, NIST, IEC 62443, Cloud Security, IAM (Identity and Access Management), VPN, DDoS Protection, Firewalls, CI/CD Security, Secure Software Development, Security Audits, Incident Response, Security Controls, Data Protection, Secure Coding, Security Documentation, Regulatory Compliance, Security Awareness, Security Automation, Zero Trust Architecture, Application Security, Network Security, Encryption, Security Frameworks, Governance, Risk and Compliance (GRC), Cyber Threat Intelligence.
  Base Cyber Security assists organizations in building knowledge and capabilities in the field of information security. Supporting organizations in forming robust infosec teams or finding the right cybersecurity experts to meet the organization’s needs is a significant part of our mission.
  We collaborate with security professionals on a global scale for information and cybersecurity positions and projects throughout Europe. Whether you’re at the beginning of your career in information security, seeking advice for your career path, or looking for guidance on continuous self-development and decision-making, we are here to help and would love to connect with you!
  If you haven’t registered yet, make sure to do so now! Send us your details at professionals@basecybersecurity.com and follow us on X/Twitter @BaseCyberSec to stay updated on our activities and relevant information. By registering yourself in our security community and expressing interest in a specific role, project, or team, you expressly grant us permission to use your data, collected and processed by Base Cyber Security in an ethical and discreet manner, and where necessary, in compliance with the General Data Protection Regulation (GDPR)

ROLE OVERVIEW

As a Security Officer specializing in DevSecOps, you will integrate security best practices into the development lifecycle, ensuring that applications and infrastructure meet high security standards from design to deployment. Your responsibilities will include assessing risks, supporting development teams in implementing security controls, and driving compliance with regulatory requirements.

KEY RESPONSIBILITIES

• Promote security awareness across development teams.
• Assist teams in understanding and applying security requirements.
• Conduct threat analyses and define appropriate mitigation strategies.
• Develop and maintain security documentation and compliance reports.
• Oversee classification and protection of information assets.
• Provide guidance on security controls within CI/CD pipelines.
• Collaborate on risk and vulnerability management initiatives.
• Act as a liaison for third-party security services, such as audits and penetration testing.