In this role, you will be responsible for implementing security activities throughout the application development life cycle (SDLC) and acting as the operational point of contact for the security team on all matters relating to application security.

Main tasks

Plan and design:

• Contribute to the definition of security requirements in the design phase;

• Contribute to secure software design and architectures;

• Contribute to the threat framework to anticipate security problems during the design phase;

Develop and build:

• Coordinates the implementation of application security requirements;

• Participate in security code reviews;

• Use application security test requirements to analyse code for security defects;

• Help developers to correct security deficiencies;

• Bridge the gap between the local security team and the development team;           

Address vulnerabilities and report to management:

• Ensure ongoing monitoring of library and networking security requirements;

• Follow up of security metrics to achieve predefined KPIs and align their evolution with the local security team;

• Manage the lifecycle of vulnerabilities escalated by the security scan tools;

Collaborate and train internal teams:

• Promote good practices in application security with the local security team;

• Share knowledge on specific application security topics within the security developers/champions community;

• Stay up-to-date of the latest security threats in applications;

• Build and maintain a knowledge base of application security good practices in collaboration with local security team;