Application Security Engineer – Delft

Delft #9026

An application security engineer ensures that every step of the software development lifecycle (SDLC) follows security best practices. They are also responsible for adhering to secure coding principles and aid in testing the application against security risks/parameters before release. Are you a developer that wants to focus more the security part? Not that much experience yet, but you have the skills and the right mindset? Then this is the opportunity what you are looking for.

De organisatie

The mission of Emburse is to help make their users’ lives — and their businesses – better. Emburse is dramatically transforming how organizations manage corporate expenses and invoices. They humanize work by automating manual tasks and saving users’ time, so their users can focus on what matters most — their family, community, or more rewarding work. They help CFO’s give their employees a simple and amazing experience while ensuring compliance and reducing costs. Their solutions are tailored for companies from start-ups to enterprises. They have more than 16,000 clients and 9 million users globally. Emburse has offices across North America, including Los Angeles, Montreal, Portland (ME), San Diego, San Francisco, and Toronto, as well as locations in the UK, Germany, Spain, Australia and the Netherlands.

The core values of Emburse – Sincerity, Empathy, Empowerment, Individuality, and Teamwork – reflect who they are as a company. Emburse is central to the decisions they make and the interactions they have with their teams, customers, and partners. As a people-focused company, they are seeking candidates who align with those values.

Emburse has 12 business units one of the units is Emburse Go. Emburse Go brings all corporate travel providers together in one app that enables large enterprises to better manage their travel programs and increase their travel providers in the travel policy. The app is being created for the company to guide employees during their travels by combining real-time travel information with company-specific information and experiences from colleagues. Travelers get to see all the information they normally get in consumer apps, supplemented with the knowledge of colleagues and the corporate travel team.

The security team of Emburse is separated and consists of 20 people. They are now focusing on building a security team for the Business Unit Emburse Go. Therefore they need your help!

De functie

  • Engaging with IT and business projects to design and implement appropriate security controls for new or changing systems. Stay up to date with information security trends to make informed recommendations on security-related items;
  • Develop policies, procedures and standards that meet existing and newly developed policy and regulatory requirements;
  • The main point of contact for compliance: ISO 27001, GDPR, and future SOC 2 Type II Audits. Address questions from internal and external audits and examinations;
  • Manage remediation of external and internal vulnerability scanning (Tenable), assist external penetration testers and manage remediation of findings, and manage the deployment of application security tools for SAST (SonarCube), IAST (Contrast Security), and OSS;
  • Providing security awareness and training for employees;
  • Develop policies, procedures and standards that meet existing and newly developed policy and regulatory requirements;
  • Support global end point security initiatives (Crowdstrike).

Het profiel

  • C# / .NET;
  • CI/CD;
  • Automation of security testing (SAST (SonarQube), IAST (Contrast Security), Azure DevOps, etc.);
  • Experience application security testing & vulnerability management (Tenable);
  • Managing & supporting (external) pentests, pentest strategy;
  • Azure / AWS (80/20);
  • Assisting IT compliance audits (ISO 27001, ISO 27701, SOC2, GDPR);
  • Design secure architecture;
  • Provide security awareness and training for employees;
  • Scripting: Bash / Python / PowerShell (Nice to have);
  • Terraform (Nice to have);

Het aanbod

  • A salary of max. €65.000,- fixed annual salary. Excluding holiday allowance. The eventual offer will be based on your current skill- and knowledge level;
  • Unlimited days off;
  • Flexible working hours;
  • Pension plan;
  • Interesting career opportunities.

Meer informatie

  • Madhevi Soeknandan
  • E: madhevi.soeknandan@sterksen.com
  • M: +316 43 14 82 24
  • T: +31 88 044 2000
Meer informatie over deze vacature

Madhevi Soeknandan

IT Recruiter