Senior Application Security Engineer

Solliciteer nu

ING Private Cloud is launching a new cloud security squad. We are looking for qualified Senior application security engineers with hands-on cloud and security backgrounds. We love taking on new challenges and leveraging new technologies. If you are looking to expand your career and knowledge, developing cloud security expertise while protecting millions of customers, then your place is here with us.

The team

You will become part of the new ING Private Cloud (IPC) security squad, entrusted with thousands of mission-critical systems and protecting over 37,000,000 customers around the globe. The squad will consist of (highly) skilled security professionals who will do research, train, and advise cloud engineers and tenants on full-stack cloud security. From hardening Infrastructure as Code, and enhancing DevSecOps in pipelines, to protection of homebrewed API service meshes. The team will work according to the agile way of working and in a prototyping culture. Researching new technologies, their inherent vulnerabilities, and best mitigation methodologies. The squad will set up security test environments, enhancing automated security validation. We love code - reading it and writing it. The squad will serve as secure code evangelists, sharing knowledge and assisting in defensive programming. From threat modeling to the development of custom in-code security controls.

Role and responsibilities

As an Application security engineer, you will be working in a team of multiple security engineers on several topics, including:

Adding Automated Security Testing to existing build pipelines in various programming languages and tech stacks;

Reducing the clutter of security alerts through data analysis and policy fine-tuning;

Research & Advisory: Windows and Linux OS hardening;

Research & Advisory: Container hardening;

Research & Advisory: API security;

Research & Advisory: Infrastructure as Code security;

Building security testing environments;

Security Awareness: Cloud & AppSec trainings on trending topics.

You will help reduce the risk for the organization by helping our DevOps teams deliver secure products. You will help create new strategic plans to be more efficient and work together with several other security departments under Global CISO, such as Secure Defense Centre, Penetration Testing, and Security monitoring squads. The strategic plans will be presented to the senior management.

You will coach your team members and your colleagues, bring them to the next level in their careers, and improve their security knowledge. You also will assist with the continuous improvement of the processes critical to the success of the team and you will align with other stakeholders in other domains including global CISO with your new initiatives.

How to succeed

We hire smart people like you for your potential. Our biggest expectation is that you’ll stay curious. Keep learning. Take on responsibility. In return, we’ll back you to develop into an even more awesome version of or in Computer Science or equivalent job experience;

Experienced in working in complex environments; (6/7 years of relevant experience)

Strong analytic skills and ability to solve highly complex problems;

Experience with OWASP coding and testing guidance;

Experience deploying enterprise security testing solutions;

Experience setting up build/test/data pipelines in cloud environments;

Application security static and dynamic testing - pentest experience using ZAP / Burp and SAST tools;

Proven experience with code security review covering at least Java, C#, Python, or Go;

Familiarity with Secure Development Lifecycle practices and Agile development with Continuous Delivery / Integration;

Knowledge of cloud security;

Eagerness to challenge the status quo, balanced with a reasonable and methodical approach to effecting change.

Rewards and benefits

We want to make sure that it’s possible for you to strike the right balance between your career and your private life. You can find out more about our employment conditions at

A salary tailored to your qualities and experience

24-27 vacation days depending on contract

Pension scheme

13th month salary

Individual Savings Contribution (BIS), of your gross annual salary

8% Holiday payment

Hybrid working to blend home working for focus and office working for collaboration and co-creation

Personal growth and challenging work with endless possibilities

An informal working environment with innovative colleagues

Work Agile, so new ideas come to life faster

Solliciteer nu

Anderen bekeken ook

IT Infrastructure & Security Manager

David Kennedy Recruitment

Amsterdam

15.03.2024

David Kennedy Recruitment Ltd provides unparalleled recruitment services for international companies across the Europe. We bring a fresh and innovativ...

Freelance - IT Infrastructure & Security

Wibit Consulting & Services (WibitCS)

Amsterdam

01.04.2024

Coming from a mainly IT background and gaining recruitment experience over the years first as an IT recruiter and now as a Global Talent RecruiterIn p...

Project Manager Security Testing

PwC

Amsterdam

08.04.2024

Description & Summary Are you the new project manager of our Cyber Technology team? Do you have solid project management skills and an affinity ...

Senior Application Security Engineer

Bedrijf:

ING

Gemeente:

Amsterdam

Contracttype:

Vast contract, Voltijds

Categorieën:

Security Engineer

Opleidingsniveau:

Master

Carriereniveau:

Senior

Gepubliceerd:

14.03.2024

Deel nu:

Vind een job die bij jou past