`Application
Security Engineer
About the job ― We are looking for an experienced Application Security Engineer to lead the charge in ensuring the highest levels of security in our software development lifecycle T
The fair forward manifesto ― In our hyper-connected world, organizations must design, create, and deploy innovative processes and experiences U The best talents must join forces beyond backgrounds, borders, or contract R forms. We have to move fair forward together, in a world of work where only excellence, agility and enthusiasm count Y, and the best talent wins.
As an Application Security Engineer, you will be responsible for embedding security into every stage of our development process. You will work closely with our development team to secure our .NET, JavaScript, and Angular-based applications by identifying vulnerabilities, promoting secure coding practices, and implementing proactive security measures.
Your role is crucial in safeguarding our software against potential threats while enabling seamless functionality for our users.
Your Key Responsibilities
Security Code Reviews
- Perform in-depth security reviews of our .NET, JavaScript, and Angular applications.
- Identify vulnerabilities such as injection attacks, cross-site scripting (XSS), cross-site request forgery (CSRF), and other OWASP Top 10 risks.
- Collaborate with developers to remediate security vulnerabilities, providing actionable feedback and guidance.
Secure Development Practices
- Establish and enforce secure coding guidelines for development teams.
- Integrate security into the CI/CD pipeline using automated tools to perform static code analysis (SAST) and dynamic application security testing (DAST).
- Champion a DevSecOps culture, ensuring security is a top priority throughout the development lifecycle.
Threat Modeling & Risk Assessment
- Conduct threat modelling exercises to identify potential risks in application design.
- Evaluate new features and designs for security risks and provide mitigation strategies.
- Perform security risk assessments for third-party libraries, APIs, and integrations.
Vulnerability Management
- Implement tools and processes to detect vulnerabilities in both the codebase and the third-party dependencies.
- Work closely with development teams to prioritize and fix vulnerabilities in a timely manner.
- Stay current on the latest security vulnerabilities affecting the .NET, JavaScript, and Angular ecosystems.
Security Incident Response
- Assist in responding to application security incidents, including analyzing root causes, documenting findings, and helping implement preventive measures.
- Collaborate with the operations teams to address application-related security issues.
Cloud Security (Azure)
- Implement application-level security best practices in Azure, including securing APIs, data storage, and access controls.
- Leverage Azure security tools such as Azure App Service Environment, Key Vault, and Application Gateway to safeguard the application.
- Ensure application configurations align with Azure’s security best practices.
Security Awareness & Training
- Conduct secure coding training for development teams to improve their understanding of potential risks and how to mitigate them.
- Promote a culture of security awareness, encouraging the team to prioritize security throughout the software development lifecycle.
Fair ⎯ Organizations must align talent on the basis of fairness.
More becomes possible when you work together regardless of backgrounds, borders, or contract forms.
It makes organizations happier and healthier. They carry forward business and society with more power and value. Fairness is essential throughout the process, from creating a job opportunity to selection, contracting, collaboration, billing and payment. In a balanced demand and supply ecology, this works both ways, with exact and honest offerings met by precise proposed candidates.
Requirements
3+ years of experience in application security, particularly in a SaaS environment or working with Azure cloud services.
Strong knowledge of .NET, JavaScript, and Angular ecosystems, with a focus on identifying and addressing security vulnerabilities.
Familiarity with secure coding best practices and software security architecture.
Hands-on experience with automated security testing tools such as SAST, DAST, and dependency scanning (e.g., OWASP Dependency-Check, Burp Suite, Veracode, SonarQube).
Experience with OWASP Top 10 and proven ability to prevent and mitigate common web vulnerabilities (e.g., SQL injection, XSS, CSRF).
Familiarity with Azure security services (Azure Security Center, Azure Key Vault, Azure Application Gateway).
Understanding of DevSecOps practices and the ability to integrate security into CI/CD pipelines.
Knowledge of authentication and authorization protocols (OAuth, OpenID Connect, JWT) and security standards (SSL/TLS, encryption).
Preferred Qualifications
Certifications:
=> Relevant certifications such as Certified Ethical Hacker (CEH),
=> Certified Information Systems Security Professional (CISSP),
=> or Microsoft Certified: Azure Security Engineer Associate.
Experience with container security (Docker) is a plus.
Experience in securing REST APIs and Single Page Applications (SPA) using Angular.
Hands-on experience with Azure DevOps security features.
Forward ⎯ Share the entrepreneurial spirit of corporate leaders.
Boost results and sustainable growth through participation and cooperation.
We say what we do and do what we say. Every insight, idea and action is aligned to forward the users’ current and future business needs and economic viability. As an innovator, we naturally focus on technological feasibility in this effort. ProUnity’s delivery extends beyond efficient implementation, pushing platform features to their limits in custom solutions. Our engine runs like clockwork, and our in-house developments add top value.
We keep you happy at work
A full-time, open-ended contract.
A salary that matches your experience, complemented by a nice package of fringe benefits.
Flexible working hours: you have the freedom to start/stop earlier/later or take longer breaks.
Right to at least 2 days of work from home.
Easily accessible offices in the Brussels region.
A pleasant and intellectually stimulating work environment in a close-knit team.
Room to learn and grow: we help each other to excel and learn together from our mistakes.
A warm environment where every voice counts and everyone’s input makes a difference.
Together ⎯ Work with clients as one team.
Adopt a one-team-approach to scale value creation across clients and their users.
We become faster, stronger, and more confident as HR-Tech innovators by clear communication, proven agile collaboration methods, shared tools and data. They allows us to fluently fuse external talent, service partners and clients in one ecosystem.
By sharing expertise, strategic and practical advice, our work and life become better. Together is the key word for great results, guided by practical and economical sense, while avoiding risks.