[ref. r89839117] DevSecOps Security Manager - Maastricht

We are an organization that is not just moving goods around, we have a very clear purpose, and we are: Connecting People. Improving Lives.

About the Role:

You will play a key part in shaping our security culture and driving the adoption of best practices.

Responsibilities:

• Manage all aspects of application security assessments, including vulnerability assessments, penetration testing, and source code reviews for web, mobile, and thick-client applications.
• Develop and implement application security policies and procedures aligned with industry best practices and regulatory requirements.
• Mentor and guide development teams on secure coding practices and DevSecOps principles.
• Stay abreast of emerging threats and vulnerabilities, advising on mitigation strategies.
• Work closely with development teams to integrate security testing into the SDLC (Software Development Lifecycle) and CI/CD pipelines.
• Conduct security architecture reviews and provide expert advice on secure design principles.
• Experience with dynamic application security testing (DAST) and relevant security methodologies (e.g., OWASP Top 10, ASVS), along with familiarity with SANS methodologies is preferred.
• Collaborate with cloud security teams to ensure secure deployment and operation of applications in cloud environments. This includes familiarity with Cloud Security Posture Management (CSPM), Identity & Access Management (IAM), and encryption technologies.
• Report on security posture, vulnerabilities, and remediation efforts to senior management.
• Contribute to the development and improvement of our overall security strategy.

Qualifications:

• Minimum of 8 years of experience in information or cybersecurity, with a strong preference for experience in application security assessment roles.
• Minimum of 4 years of hands-on experience in vulnerability assessment, penetration testing, and source code reviews, including SCA of web, mobile, and thick-client applications.
• Proven experience with security testing tools and methodologies (OSSTMM, OWASP Top 10, OWASP ASVS, and SANS methodologies).
• Strong understanding of cloud security concepts and tools (CSPM, IAM, encryption).
• Excellent communication, collaboration, and presentation skills; ability to clearly articulate technical concepts to both technical and non-technical audiences.
• Experience working in an Agile/DevOps environment is a plus.
• Relevant certifications (e.g., OSCP, CEH, CISSP, GWAPT) are highly valued.

What We Offer You:

• The opportunity to join a leading global company and be part of a dynamic team.
• Flexible working hours and remote work options.
• A thriving international environment.
• An attractive compensation and benefits package.

If you believe you are the right fit for this role, please submit your CV and let's explore this opportunity together. We look forward to hearing from you.

#scout