Application Security Analyst

  • Location

    Brussels Capital

  • Sector:

    Information Technology

  • Job type:

    Contract

  • Salary:

    Negotiable

  • Contact:

    Joelle Nguyen Duy

  • Contact email:

    Joelle.NguyenDuy@volt.eu.com

  • Job ref:

    74395-ITBEL-JND_1559918270

  • Published:

    almost 5 years ago

  • Duration:

    26 weeks

  • Expiry date:

    2019-07-07

  • Start date:

    ASAP

Security Analyst


The SAST team mission is to implement and operate a set of applications security controls through an automated process integrated through Software Development Life Cycle/s (SDLC). We ensure that corporate policies and OWASP guidelines are uniformly applied by development teams across all business unit.
-Analyze source code using automated static analysis scanning to establish a baseline
-Correlate findings against the existing databases of known software vulnerabilities, to help identify security flaws during the development phase
-Increase the software development teams knowledge of secure coding procedures, so the organization can build security with every release
-Provide developers with guidance to understand, prioritize and remediate vulnerabilities
-Enforce production scans with a Go-Live criteria: No OWASP Top 10 vulnerabilities
-Report on key metrics on all scanned applications

We are seeking a highly motivated individual with strong code review experience. You must be self-motivated and have the experience, personality, and passion to support developers and designers.
This position is based in Brussels.

Requested profile

The main focus of the work will be in conducting operational activity, analysing source code findings and providing subject matter expertise to developers, using IBM Appscan Source.

Qualifications

Specific qualifications for the Security Analyst position include:
-At least 5 years of experience in IT industry
-Web application development background in .NET or Java
-Strong code review experience
-Must be able to read source codes and detect bad coding practices
-Must be able to guide developers on how to resolve/fix security issues
-Strong security knowledge using IBM Appscan Source. or similar tools (Fortify, Veracode, etc)
-Familiar with OWASP, SANS, CWE initiatives
-Knowledgeable about how security vulnerabilities can be exploited in application code by attackers and what are the coding best practices to prevent these attacks
Employee Success Factors

Employees are expected to achieve the mission and deliver exceptional performance for our customers and the business, with energy, focus, flexibility, and personal character. The Employee Success Factors define the behaviors that contribute to achieving those expectations.

-Insure compliance with established standards, policies, and performance guidelines.
-Focus on customers.
oStrives to exceed customer expectations and metrics
oBuilds strong relationships with customers
-Deliver Quality Results
oStays focused, overcoming distractions and obstacles to achieve goals
oCarries out assignments with thoroughness, accuracy and attention to detail
-Act Ethically
oAct in accordance with the company's values
-Act as a Team Player
oDevelops and maintains productive working relationships with team members
oActively shares information and expertise
-Support Change and Innovation
oMaintains a positive attitude in response to change and uncertainty
oEffectively handles shifting demands and multiple priorities
oContinually looks for ways to streamline processes, reduce costs and accomplish goals

Nice to have

-Experience with Software Development Life Cycle (SDLC)
-Experience using Microsoft Office suite including Word, Excel, Access, Etc.
-Experience using a Service Desk
-Skills in one of the following languages and technologies: J2EE, .NET
-Agile knowledge