Soyez acteur du changement

Application Security Engineer

Netherlands, 's-Hertogenbosch
CDI
5/31/2024
539347

YOUR ROLE

As an Application Security Engineer you will play a key role in assessing our Secure Software Development Lifecycle maturity, defining a security roadmap and driving the implementation and improvement of cybersecurity activities. 

This is a full-time, permanent role based in the DELMIA R&D Lab in `s-Hertogenbosch, the Netherlands. We expect you to work inside this office for at least 3 days a week.

YOUR RESPONSABILITES:

  • Lead our “shift left” security efforts to build security into the software development lifecycle.
  • Conduct secure design reviews and threat modeling sessions. Identify and prioritize risks, attack surfaces, and vulnerabilities.
  • Be available to conduct security code reviews and advise developers on remediating vulnerabilities and following secure coding practices.
  • Take charge of our vulnerability management program. Triage and prioritize vulnerabilities from scans, audits, and bug bounty submissions. Track remediation and validate fixes.
  • Research and recommend security tools and technologies to strengthen defenses against emerging threats targeting machine learning systems.
  • Develop and document security policies, standards, and playbooks. Conduct security awareness training sessions for engineers.
  • Collaborate closely with product engineers and researchers to instill security best practices. Advocate for secure architecture, design, and development.
  • Be the main DELMIA Quintiq R&D contact for security related subjects, such as answering questions related to our security development practices, tools and processes.

YOUR QUALIFICATIONS:

  • Have 3+ years of hands-on experience in application and infrastructure security, including securing cloud-based and containerized environments.
  • Have empathy, collaboration skills, and a learning mindset to be able to work cross-functionally with engineers of all levels towards building security into the product life cycle.
  • Be able to use creative and strategic thinking to reduce risks through secure design and simplicity, not just controls.
  • Possess broad security knowledge to connect the dots across domains and identify holistic ways to lower the overall attack surface.
  • Have the ability to distill complex security concepts into clear actions and drive consensus without direct authority.
  • Have a proactive mindset to thread security throughout the product lifecycle through activities like threat modeling, secure code review, and security-related education.
  • Have a strong grasp of offensive security to be able to anticipate risks from an adversary's perspective, not just check compliance boxes.
  • Have experience with modern application stacks, infrastructure, and security tools to implement pragmatic defenses.
  • Be passionate for security fundamentals like least privilege, defense-in-depth, and eliminating complexity that could sub-linearly scale security through smart design.

Déclaration de diversité

Dassault Systèmes, avant-gardiste en matière de technologie et d’innovation durable, s’efforce de créer des équipes toujours plus inclusives et diverses à travers le monde. Nous avons la forte conviction que nos employés sont notre atout numéro 1 et nous voulons que tous, se sentent libres d’être pleinement qui ils sont vraiment. Notre objectif est qu’ils ressentent fierté et sentiment d’appartenance. En tant qu’entreprise à la pointe du changement, il nous incombe de favoriser l’inclusion de tous et participer à création du monde de demain.
DELMIA Logo > Dassault Systèmes

Notre portefeuille de la marque DELMIA® permet aux entreprises et aux prestataires de services de connecter les mondes réel et virtuel des opérations mondiales pour réinventer l'entreprise et atteindre une excellence durable.