JOB DESCRIPTION
You want to join Excellium because…
You are curious, motivated, and passionate!
Integrated within dynamic and passionate teams, as our new Application Security Consultant, you will have the opportunity to fully invest yourself, innovate and create from the latest technologies. You will quickly find your place at Excellium. In order to understand our business, the challenges of our customers and to support them we regularly organize meetings, workshops and training. We will thus help you level up your skills and position you on stimulating projects adapted to your profile and enabling you to surpass yourself.
Your team as Application Security Consultant :
The Application Security team of Excellium is looking for a Senior Developer who is keen to discover and switch to the Application Security field. Here are some aspects you can expect in your environment and within your team :
- Environment focusing on technical expertise and knowledge sharing.
- Access to a company where you can be “Yourself” and freely think “Out of the box”.
- Access to a company in which dress code and appearance is not the focus.
- Access to a company that used adapted working material (laptop, labs…).
Your mission as Application Security Consultant:
You are going to face challenging missions in which you will use and develop your attacker and defender mindsets. Through these missions you are going to have :
- Access to high-level security training and certification (SANS/Offensive Security).
- Opportunity to jump into the Application Security field.
- Access to multiple security/development conferences (as speaker or visitor).
PROFILE
As an Application Security Consultant, you are a developer working on application implementation projects for several years from a professional or personal point of views.
As an Application Security Consultant you have:
- Interest in the Application Security field.
- Been involved in security-related tasks from one of these contexts:
- Design of features allowing them to be secure by default.
Technical skills:
- After a period of close coaching by the AppSec team on the Application Security field that will leverage the candidate development background, he must be able to:
- Understand and spot security weaknesses in software architecture;
- Understand and spot security weaknesses in a software code base;
- Understand and create/enhance continuous integration process and platform about security validation;
- Understand the Software Development Life Cycle of an application and the organizational approach of the application security into an SDLC;
- Conduct a security configuration review on an application server or a web server.
- If time is provided to learn the target technology and the target attacks, the candidate must be able to:
- Create defensive measures in any technologies;
- Develop/update custom attack tools/scripts/software;
- Motivated to learn how to perform intrusion tests on web and mobile (Android / iOS) target of evaluation;
- Motivated to learn web or mobile attack patterns and technics;
Human skills:
- Able to share technical knowledge;
- Able the explain technical aspects to a client or non-technical people;
- Able to work and integrate into a team;
- Strictness in assessment mission and associated report realization;
- Strictness in respect to the mission planning and timeframe;
- High modesty;
- Technical curiosity form an attacker and defender point of views about new technologies and attack vector;
- Able to speak, write and read in French and English.
Organizational skills:
- Able to manage and keep his agenda up to date according to mission booking request provided by the team leader;
- Able to work in autonomy on a topic after a period of training and coaching on this topic.
Misc. skills:
- Contribute to Open Source projects;
- Enthusiast by the Application Security area;
- Perform close technical surveys and share interesting information/link/tool discovered with the team and/or the Open Source community.
That’s a plus if :
- You are familiar with the OWASP, its OWASP Top-10 ranking, and its guides (ASVS, Testing Guide, cheat sheets…)
- You have certifications in the field of security and more precisely that of application security (ex. GIAC Web Application Defenders certification, …)
You are a big enthusiast of IT security, you are curious and on the lookout for the latest news, security holes and technological advances, then apply !!
OFFER DETAILS
Contract: Full time
Location : 5 rue Goell L-5326 Contern, Luxembourg
“Your personal data will be kept for a period not exceeding 3 months. If you agree, your personal data will be kept for up to 12 months for potential future job offers. “
WHO WE ARE?
Joining Excellium Services is about having the possibility to fully invest yourself, innovate and create from the latest technologies.
Our team is dynamic with accessible managing partners and involved cyber soldiers.
It is about joining a family with more than 100 direct & passionate employees.
Last but not least! This is also about having the chance to level up your skills in:
- Cybersecurity
- Hybrid Cloud,
- Managed Security Services,
- Network Security
- Application Security.
We will help you develop your knowledge. Do not wait any further.
