Security Engineer - SDLC

Posted 30 June 2025
Salary Competitive
LocationLuxembourg
Discipline Cyber Security
Reference73880

Job description

Job Description

Application Security Specialist

About the Role

We are seeking a highly skilled and experienced Application Security Specialist to join our team. The ideal candidate will be responsible for ensuring the security of our applications throughout the software development lifecycle1 (SDLC). This role will focus on identifying, mitigating, and preventing security vulnerabilities in web applications, APIs, and related systems. The candidate will collaborate closely with development teams, provide security guidance, and implement security testing and best practices.

Responsibilities

  • Conduct systematic threat modeling sessions to identify potential security threats and vulnerabilities in software and system architectures.
  • Collaborate with development and engineering teams to integrate threat modeling practices into the software development lifecycle (SDLC).
  • Create comprehensive threat analysis reports, detailing potential attack vectors, impact assessments, and recommended countermeasures.
  • Implement automated vulnerability scanning protocols.
  • Collaborate with cross-functional teams to develop and implement mitigation strategies for identified vulnerabilities.
  • Provide risk assessment training and guidance to staff, promoting a culture of security awareness and proactive risk management.
  • Integrate Static Application Security Testing (SAST) into the CI/CD pipeline, enforcing security controls.
  • Train application development teams on secure coding practices and provide tailored guidance on securing applications.
  • Perform dynamic application security testing (DAST) and static application security testing (SAST).
  • Perform Web Application Penetration Testing.
  • Utilize tools such as Burp Suite, OWASP ZAP, and SQLMap for application security testing.
  • Implement security measures, including identifying and mitigating OWASP Top 10 vulnerabilities.
  • Participate in code reviews, ensuring high-quality standards and adherence to security best practices.
  • Strategically extract and analyze information and data sets to enhance software security features.

Qualifications

  • Bachelor's degree in Computer Science, Information Security, or a related field.
  • Proven experience as an Application Security2 Specialist or similar role.
  • Strong understanding of web application security principles and best practices.
  • Experience with threat modeling methodologies.
  • Proficiency in vulnerability management and secure coding practices.
  • Experience with SAST and DAST tools.
  • Knowledge of OWASP guidelines and standards.
  • Experience with penetration testing techniques.
  • Familiarity with CI/CD pipelines and integrating security testing.
  • Excellent analytical and problem-solving skills.
  • Strong communication and collaboration skills.
  • Fluency in English (C2 level).

Preferred Skills

  • Experience with various programming languages (e.g., Python, JavaScript, etc.).
  • Experience with cloud security (AWS, etc.) in the context of application deployment.
  • Experience with containerization technologies (e.g., Docker) and their security implications.