BizDevOps Consultant – Application Security Focus
We believe that every company benefits from business agility in order to excel in the market.
We achieve this by optimizing the way ideas are transformed into business value in a pragmatic way.
We do this by providing multi-disciplinary teams supporting and improving your people, processes and tool ecosystems.
Our DevOps/ALM team is a strategic part of our BizDevOps services, an offering that groups all competences with regards to methodology, tool ecosystems and coaching. With this in mind, we have several strategical partnerships with companies such as Microsoft, Atlassian, Microfocus, Dynatrace, Tasktop and Jetbrains.
Over the years, BizDevOps has become a crucial key area where we:
- Help our customers to use modern and up-to-date tooling ecosystems and automation. If needed we can even take these ecosystems under our management where we become a managed service provider.
- Help our customers, but also teams within Realdolmen to reach a higher software delivery maturity level
The Realdolmen DevOps/ALM team helps customers build the right software the right way by introducing people, processes & tools that lead to reduced cost, higher productivity, transparency, quality and last but not least customer delight. We are connected through a unique vision combining end-to-end BizDevOps, single source capabilities and a strong team, making us a preferred and respected DevOps partner in Belgium!
As a BizDevOps Application Security Consultant, you will oversee the designs, installations and implementations of (Web/Mobile) applications, Web Application Firewalls and application delivery controllers. As a BizDevOps Application Security consultant, you will be responsible in the following areas:
- Auditing applications with regards to security risks. This can be on a code level (Static Code analysis) or an operational level (penetration testing) or a combination of both. This also includes touch points with infrastructure security as they are often aligned or intertwined. Your main focus will remain on the application level.
- Provide advice to the development team(s) on how to improve their code/avoid security vulnerabilities in the future.
- Provide an architectural audit of specific applications with regards to how the architecture of an application/platform can be improved
In general, this will be done for our customers but it might also be relevant for large development projects that Realdolmen creates internally for its customers within our own DevOps Factory.
Up to it?
Great! Because we are looking for an Application Security Consultant to join our team.
We want you to help grow Realdolmen as one of the leading Application Security Experts in Belgium by:
- Helping customers become more aware of the impact of Application Security and the actions they can take to further improve their maturity with regards to this domain
- Installation, configuration and administration of Security tooling (CALI Suite, Microfocus Fortify (SCA, WebInspect), CAST, …)
- Providing both proactive and reactive support for Security related topics by means of audits/coaching, improvement of maturity
- Integrating Application Security into the Application Life Cycle Management/DevOps activities, processes and tooling
- Training & coaching on Application Security related topics
- At least 5 years of experience in a Java or other development environment, of which at least 3 years as a technical consultant or architect. You need a clear view on the software lifecycle as a whole. OR At least 5 years of experience in an Infrastructure Security environment, with a clear determination to also dive deeper into the application code/architecture.
- Thorough knowledge of the Application Security tooling (KALI, Burps Suite, Microfocus Fortify (SCA, WebInspect), CAST, …).
- Practical knowledge of ALM/DevOps tools such as the Atlassian tool suite, Microsoft TFS/VSTS, Maven, Svn, GIT, Ant, Jenkins, TeamCity Puppet, … is a Plus
- Strong DevOps capabilities & Infrastructural knowledge
- Hands on experience with Application Security best practices such as OWASP Top 10, …
- Knowledge of authentication (LDAP, SAML, ADFS, SSO, …)
- Knowledge of cloud platforms (AWS/Azure/…) is a plus
- Experience with Web Application Firewalls, reverse proxies, load balancers
- Certification such as CEH, OSCP, are a plus
- Already active or willing to take an active role in the Security community
- Fluent in Dutch & English. Knowledge of French is an advantage
- You have an open, no-nonsense, to the point mindset
- You are assertive and take ownership
- You are solution driven
- Communication & transparency are your second nature
- You show initiative
- You are eager to learn and want to keep up with the latest evolutions.
- You have the drive to keep up with a fast changing technology landscape
- You can work on your own as well as in team
- You have a commercial mindset
- The opportunity to have a meaningful job where you can make a difference
- The chance to continuously evolve as a professional, coupled with a variety of training opportunities
- Relevant career opportunities to get you where you want to be, with the IT knowledge you need
- Realdolmen wants you to find a balance between work and private life by offering flexible hours, satellite offices, home working and an informal no-nonsense environment
- 32 days of annual leave, because life isn’t all about working
- Forget about the miles: we provide you with a company car and a national fuel card
- Group insurance and hospitalization insurance, because we care about you
- And of course, we also offer a gross salary. One which is optimised from a net perspective for our employees!
If you need more information contact firstname.lastname@example.org