Application Security Engineer - DevSecOps

For one of our clients, an insurance company located in Luxembourg, we are looking for an Application Security Engineer - DevSecOps.

Your mission:

• Perform risk analysis on applications.

• Conduct code reviews and security tests (SAST, DAST, fuzzing…)

• Collaborate with developers to integrate security best practices into the development cycle

• Participate in the secure design of applications (Security by Design)

• Manage security audits and remediations

• Automate security tests in CI/CD

• Ensure compliance and traceability of security practices in cloud and containerized environments

• Work closely with technical and business teams

Your profile:

• You are available immediately or at very short notice,

• Application security, cryptography, and OWASP have no secrets for you,

• You excel in finding new vulnerabilities and their remediations,

• Participation in Bug Bounty programs and/or CTF platforms is a plus,

• You have a good understanding of source code and application architectures,

• Significant experience in deploying the OpenSamm framework is a plus,

• You are familiar with different languages like Java, Scala, Go, PHP, and Python,

• Deploying complex solutions in the insurance domain is a plus,

• You are familiar with continuous delivery, the DevOps field, and related tools,

• You master the Agile methodology,

• Strong organizational skills and rigor in work are prerequisites,

• You have excellent interpersonal skills and communication abilities,

• You demonstrate analytical and synthesis skills,

• You possess a strong team spirit,

• You are autonomous, creative, organized, and proactive,

• You are fluent in French and English,