We believe that every company benefits from business agility in order to excel in the market.
We achieve this by optimizing the way ideas are transformed into business value in a pragmatic way.
We do this by providing multi-disciplinary teams supporting and improving your people, processes and tool ecosystems.
Our DevOps/ALM team is a strategic part of our Software Delivery Enablement Services, an offering that groups al competences with regards to methodology, tool ecosystems and coaching. With this in mind, we have several strategical partnerships with companies such as Microsoft, Atlassian, Microfocus, Dynatrace, Tasktop and Jetbrains.
Over the years, (Biz)DevOps has become a crucial key area where we:
- Help our customers to use modern and up-to-date tooling ecosystems and automation. If needed we can even take these ecosystems under our management where we become a managed service provider.
- Help our customers, but also teams within Realdolmen to reach a higher software delivery maturity level
The Realdolmen DevOps/ALM team helps customers build the right software the right way by introducing people, processes & tools that lead to reduced cost, higher productivity, transparency, quality and last but not least customer delight. We are connected through a unique vision combining end-to-end DevOps, single source capabilities and a strong team, making us a preferred and respected DevOps partner in Belgium!
As an Application Security Consultant, you will oversee the designs, installations and implementations of (Web/Mobile) applications, Web Application Firewalls and application delivery controllers. As an Application Security consultant, you will be responsible in the following areas:
- Auditing applications with regards to security risks. This can be on a code level (Static Code analysis) or an operational level (penetration testing) or a combination of both. This also includes touch points with infrastructure security as they are often aligned or intertwined. Your main focus will remain on the application level.
- Provide advice to the development team(s) on how to improve their code/avoid security vulnerabilities in the future.
- Provide an architectural audit of specific applications with regards to how the architecture of an application/platform can be improved
In general, this will be done for our customers but it might also be relevant for large development projects that Realdolmen creates internally for its customers within our own DevOps Factory.
Up to it?
Great! Because we are looking for an Application Security Consultant to join our team.
We want you to help grow Realdolmen as one of the leading Application Security Experts in Belgium by:
- Helping customers become more aware of the impact of Application Security and the actions they can take to further improve their maturity with regards to this domain
- Installation, configuration and administration of Security tooling (CALI Suite, Microfocus Fortify (SCA, WebInspect), CAST, …)
- Providing both proactive and reactive support for Security related topics by means of audits/coaching, improvement of maturity
- Integrating Application Security into the Application Life Cycle Management/DevOps activities, processes and tooling
- Training & coaching on Application Security related topics
- At least 5 years of experience in a Java or other development environment, of which at least 3 years as a technical consultant or architect. You need a clear view on the software lifecycle as a whole. OR At least 5 years of experience in an Infrastructure Security environment, with a clear determination to also dive deeper into the application code/architecture.
- Thorough knowledge of the Application Security tooling (KALI, Burps Suite, Microfocus Fortify (SCA, WebInspect), CAST, …).
- Practical knowledge of ALM/DevOPS tools such as the Atlassian toolsuite, Microsoft TFS/VSTS, Maven, Svn, GIT, Ant, Jenkins, TeamCity Puppet, … is a Plus
- Strong DevOps capabilities & Infrastructural knowledge
- Hands on experience with Application Security best practices such as OWASP Top 10, …
- Knowledge of authentication (LDAP, SAML, ADFS, SSO, …)
- Knowledge of cloud platforms (AWS/Azure/…) is a plus
- Experience with Web Application Firewalls, reverse proxies, loadbalancers
- Certification such as CEH, OSCP, are a plus
- Already active or willing to take an active role in the Security community
- Fluent in Dutch & English. Knowledge of French is an advantage
- You have an open, no-nonsense, to the point mindset
- You are assertive and take ownership
- You are solution driven
- Communication & transparency are your second nature
- You show initiative
- You are eager to learn and want to keep up with the latest evolutions.
- You have the drive to keep up with a fast changing technology landscape
- You can work on your own as well as in team
- You have a commercial mindset