You are here
Junior Application Security Analyst
Who we are looking for
As a Junior Application Security Analyst, you will integrate our Secure Software Development practice.
Together with our 20 experts, we develop, maintain, support and host Specialized Software. Our expertise is two-fold:
- Proposing our expertise to clients’ development teams in securing their Software Development Life Cycle (SSDLC or Secured-SDLC).
- Developing highly secured softwares (Security by design) based on customer’s requirments (e.g. itsme – authentication app) ;
In this frame, we are recruiting a Junior Application Security Analyst who will play a key role in our application security services growth over the next few years.
Your role
As a Junior Application Security Analyst your role is to carry out security assessments on applications used by our customers.
Based on the results of the assessment, you will propose security recommendations. These are short-, medium- and long-term solutions that will serve as the basis for building an application security roadmap for the company.
Depending on your qualifications, you may be required to implement these recommendations in terms of processes, tools and developer trainings (security champions, awareness).
Your main contacts at the customer will be the CISOs and their security teams.
Your tasks will consist of:
- Contribute to assess an existing SDLC (i.e., SAMM Assessment but we stay open to other methodologies we’ll define together),
- Give guidance on establishing a secure software development lifecycle (Secure-SDLC / DevSecOps),
- Help development teams to integrate application security best practices (e.g. OWASP ASVS), and security tooling/processes in their development pipeline (SAST, DAST, SCA, CVE follow-up, ...),
- Co-animate training and coaching sessions to new security champions at client.
- Participate in presales meetings around application security.
Based on the current business dynamic through this business unit, we would like you to take further responsibilities within the team.
Consequently, the role could evolve to include the following tasks and responsibilities in the medium term, depending on your experience and evolution pace.
After a first training and coaching on the job period, you could then bring your energy on Solution Owner responsibilities further in your career at Approach Cyber, like:
- Mentorship and support: Providing guidance and mentorship to team members, especially those less skilled in application security, will be crucial. Your support will be to help them navigate complex missions, leading their professional growth and ensuring successful project outcomes.
- Technology watch: You will follow new tools, technical evolutions and industry trends, and share your knowledge with the team. This proactive approach will ensure that our offerings remain cutting-edge, relevant, and aligned with our clients’ ever-evolving needs.
- Relationships strengthening with our trusted business partners/suppliers: You will evolve to become our key representative in application security associations, or during application security events/conferences/meetings.
- Asset creation: Developing new assets and methodologies to complement and enhance our solutions will soon be part of your responsibility. These assets and methodologies will not only increase the efficiency of our solutions but also support and empower your colleagues in delivering high-quality results.
Your profile
You have:
- You hold a Bachelor or Master degree.
- In addition to your hands-on knowledge in development (Java and/or C#), you feel a strong interest in analyzing SDLC environments in terms of security (OWASP SAMM assessment type, Threat modeling, …) or working with/implementing some of the following tools: Sonarqube, CheckMarx, Fortify, webinspect, ZAP, Dependency-Check, Snyk, Veracode, jfrog Xray, Azure devops, Gitlab, ...
- You are analytical minded.
- You have good working knowledge of both written and spoken English, and French or Dutch.
Considered as a plus:
- Knowledge of Kubernetes and containers (Docker)
- Knowledge of REST APIs
- Experience with security principles and intrusion tools
Mindset :
- Strong self-motivator and entrepreneurial pro-active attitude
- Strong analytical and problem-solving skills
- Natural team player, together with project management and presentation skills.
- Ambassador for the professional values that are at the heart of our philosophy:
- TOP-NOTCH
We strive for best-of-the-best while staying up to date with the latest technology. - HUMAN-CENTRIC
We care about people in the digital world, listening before interacting respectfully in a responsible environment. - NO-NONSENSE
We go for it, we work together, we are committed to deliver, to exceed expectations.
- TOP-NOTCH
Our offer
- Join a dynamic and fast-growing company in a booming sector
- Participate in the development of the company as a co-creator of innovative solutions
- Drive ambitious projects from the business needs up to the projects results, leading concrete initiatives while maintaining a holistic view of the project and direct contact with the C-level client sponsor
- Develop your career path and add top-level trainings and certifications to your CV
- Benefit from an attractive salary package, including a full range of benefits :
- Company car and fuel card
- Competitive group insurance including pension fund, death, and disability coverage,
- Attractive complementary insurances for non-work-related accident and loss of salary in case of sickness, company fully supported contribution
- 32 days holiday/year (on a fulltime equivalent basis)
- Flexible home working policy
- Other fringe benefits (meal vouchers, eco vouchers, …)
- Fun company events, exclusive team experiences
- Contribute to a safer, fairer world for data subjects and citizens, ensure the serenity of great businesses and essential public institutions
- Live your values daily in a dynamic, fun and multicultural working environment.
Interested?
Don’t wait and send us your application to jobs@approach-cyber.com. We look forward to talking to you soon.
