About the Role
As an Application Security Consultant, you assist clients in creating a more secure development process, actively coach developers in secure coding, and help implement security concepts into the development lifecycle. Using your knowledge of security, you will help create more secure applications.
Projects you will work on will consist of:
Implementing security controls inside the development process in order to increase the overall maturity of the software development lifecycle at our clients;
Presenting your roadmap to increase the maturity of our client’s software development practice;
Providing hands-on training on secure development concepts and secure coding to developers of various coding languages;
Scoping, executing and planning assessment-type projects, including:
Threat modeling
Architecture Reviews (software based)
Maturity Assessments (SAMM, DSOMM, …)
Securing the development pipeline
Source code reviews (if interested)
Requirements
You have a strong interest in the field of IT security and believe the following to be applicable to you:
You hold citizenship in one of the 32 NATO member states;
Previous experience in penetration testing, threat modeling or related projects;
Knowledge of development frameworks, application architectures and authentication systems (OpenID, OAuth, …);
A deep understanding of development practices, preferably with some hands-on experience in coding yourself;
Experience using build tools (e.g. Jenkins, TFS, Maven, …);
Strong knowledge of secure development lifecycle (SDLC) and practical implementation, requirements gathering and test planning, software architecture and secure coding;
Hands-on experience with tooling to secure the development pipeline (SAST, DAST, …);
The ability to talk credibly and convincingly to (top) management about security in software development;
Experience providing software architecture security guidance, including developing application threat models and methodically protecting against business logic and design flaws that could introduce security vulnerabilities.
Positive, team and mission-oriented attitude;
Strong interpersonal and verbal/written communications skills that enable the ability to work effectively in a collaborative team environment;
Excellent English communication skills, both verbal and written; Dutch and/or French is a plus;
You are ambitious and want to help clients;
You are willing to learn and become a better version of yourself, every day;
Candidates must recognize and deal appropriately with confidential and sensitive information.
Tech Stack
penetration testing, threat modeling, development frameworks, application architectures, authentication systems, OpenID, OAuth, Jenkins, TFS, Maven, SAST, DAST, secure development lifecycle (SDLC), software architecture, secure coding