DevOps Expert - Brussels, België - Newforceltd

Newforceltd

Geverifieerd bedrijf

Brussels, België

2 weken geleden

Geplaatst door:

Sophie Dubois

beBee Recruiter

DevOps Expert:

#Metasploit

#Burpsuite

#Devops

The following tasks will be performed by an external service provider:
the code base.

Draft documentation such as architecture design descriptions, assessment reports and configuration

descriptions.
implemented by the team.

Analyse risks and security policy requirements and propose actions.
Vulnerability testing definition of corrective actions Categorize events, incidents and vulnerabilities based on relevance, exposure and impact.
Provide security training and education.
Draft security programmes, and security plans and propose implementation actions.
Design and setup of a secure development lifecycle
Application penetration testing
Participation in meetings with the project teams.
Contribute to the IT security risk management process
Coach/ train colleagues in the software factories on Secure development matters

LEVEL OF EDUCATION

A minimum educational qualification corresponds to a master's level or 5 years of higher education

KNOWLEDGE AND SKILLS

The following skills and knowledge are required for the performance of the abovelisted tasks:
Experience in the security aspect of software development (i

e:
authentication with open id connect SAML or CAS, secure rest or web services, encryption with PKI, authorisation, secrets management)

e:
usage of tools like Metasploit, Burpsuite or equivalent).

e:
Fortify or equivalent) and website vulnerability scans.

Good understanding of the 3rd party dependency security (libraries, container and VM images)
Good knowledge of secure development lifecycle
Good knowledge of OWASP models, frameworks and guides
Good Knowledge of Agile methodology
Excellent interpersonal and communication skills.
Good redaction skills, and experience in the preparation of written reports.
Ability to animate a community of practice.
The capability of integration in an international/multicultural environment
Security certifications (e.g. CISSP, CISM, OCSP, CSSLP, GWAPT, GWEB) are an asset

Due to the particular nature of a large international organisation such as the European Commission,

, rapid self-starting capability and experience in working in a team;

Ability to make presentations to Member State Authorities, excellent communicator.
Ability to participate in multilingual meetings;
Ability to work in multicultural environments, on multiple large projects;
Excellent Team Player
Ability to understand, speak and write in English C1; French at level B1 or higher will be an advantage;
MOVE-ENER SRD.2 contain personal and confidential data.

SPECIFIC EXPERTISE

Following specific expertise is mandatory for the performance of tasks:
At least 3 years of experience in ISO27000 (min. competence level 2)
At least 3 years of experience in Application Security (min. competence level 2)
At least 3 years of experience in security testing (min. competence level 2) CERTIFICATIONS & STANDARDS

At least one of the following certifications is required for the performance of tasks: