For one of our international Client we are looking for a Security Engineer.

• Security Engineer
• Long term, 1 year+ possible extension
• Remote
• Start date: asap
• Industry: automotive

Scope and Phases:

• The project will be carried out in two stages, each lasting 12 months.
• The first stage of the project will be conducted in three distinct phases:

1. Research and Evaluation (3 months) – Identification and assessment of appropriate ASPM solutions, adaptation to business and security requirements, and definition of success criteria.
2. Configuration, Integration, Documentation (3 months) – Installation and integration of the tool within the client ecosystem, preparation of documented processes for application teams, and development of an implementation plan.
3. Soft Launch (6 months) – Pilot deployment with selected applications to verify the tool’s effectiveness and feasibility of integration.

Technical skills:

• Proficient with security assessment tools (e.g., ASPM tools) and scanners (e.g., Semgrep, BlackDuck, Nexus IQ, ZAP, Fortify, Sonarqube).
• Strong knowledge of major application vulnerabilities and threats (e.g., OWASP TOP10) and understanding of mitigation and remediation techniques.
• Deep understanding of secure coding practices and security standards (e.g., OWASP ASVS, NIST).
• Practical experience with programming languages (e.g., Python, Java, .NET, JS, C, C++) and scripting.
• Familiarity with DevSecOps practices and tools (e.g., Azure, Jenkins, Docker, Kubernetes, CI/CD pipelines).

Certificates:
Relevant certifications such as CISSP, OSCP, or GWAPT are highly desirable.

Soft skills:

• Proactiveness and ability to work independently.
• Excellent communication and interpersonal skills.
• Strong problem-solving and analytical skills.
• Ability to collaborate effectively in a cross-functional team environment.