Keywords:
writing
Type:
Permanent employment
Location:
Amsterdam
Education:
Associate degree (EQF 5), Bachelor (EQF 6), MBO-4/HAVO/VWO (EQF 4)
Published:
07/05/2024
Status:
Open
Apply before:
26/08/2024
Hours p/wk:
40

Description:

Software is the cement of our modern civilization. It is everywhere, impossible to ignore, and growing at unprecedented speed. We specialize software security and help engineering teams to ship quality secure products.

 

Do we match?

We believe no catch-all diploma or certification exists for creative thinkers with a strong hacker mind-set. Our team consists of players with different backgrounds. Software development, electronics, informatics, graphic design, mathematics, and even psychology. Oftentimes, it’s people who have immersed themselves into (software) security out of their intrinsic drive and passion!

 

You know your way around code and the world of software development. You prefer code reviews over blind blackbox poking. You love to automate the automatable but are also aware of its strong limitations (blind for lots of security vulnerabilities).

 

You love to work and learn in an informal environment within a team of likeminded colleagues who are enthusiastically engaged in their passion.

 

What you will do 

The combined responsibility of our teams is to consistently offer our clients, who operate remote development teams, ongoing security assessments for all their development projects and releases. In order to assess the security quality of the products being build by our clients,  we actively conduct both manual and automated security code reviews, as well as focused security testing

To enhance the efficiency of our workflow, we've developed a wide array of tools, portals, IDE plugins, and security automation pipelines. These resources streamline the process of reviewing, testing, and reporting on any security findings and observations. By streamlining our processes, we not only ensure the effectiveness of our assessments but also create a more enjoyable experience for our security engineers. This optimization enables our team to dedicate their time exclusively to security reviews and testing, eliminating the less  exciting overhead tasks.

 

Your main activities

  • Security code reviews, testing, threat modeling.
  • Support development teams (remotely, from our office and home) in keeping their code/product secure.
  • Explain findings to technical and non-technical stakeholders.
  • Keep up-to-date with emerging security technologies and practices.

Job requirements

Required

  • Based in the Netherlands
  • Proficient in at least one programming language.
  • Experience with manual security code reviews.
  • Strong understanding of software vulnerabilities (e.g. OWASP ASVS).
  • Creative, hacker mindset and an innovative change-oriented attitude.
  • Proficient verbal and written communication in English.

Bonus points

  • Native Dutch speaker.
  • Experience with C# or Java.
  • Experience with Static Code Analysis tools (e.g. Semgrep, Roslyn).
  • Experience with appsec training / awareness.
  • You like blogging and talking about appsec topics.

Job benefits

  • A proper salary based on your experience (55.000-75.000).
  • Work and learn in a team of 20+ leading (application) security experts.
  • Informal work environment with a lot of experience that everyone likes to share.
  • Work from home or our Amsterdam office. You will not be outsourced to clients (secondment).
  • Take courses, go to seminars/workshops/conferences and so on. We encourage this.
  • Working hour flexibility
 
And of course we are more than willing to have a chat with you concerning other items important to you.