Senior Application Security Engineer
Please note that this opportunity is only open to candidates already living in Europe, due to the current situation with the Covid-19. Thank you for your understanding.
Founded in 2011, Mobiquity provides end-to-end omnichannel digital consulting services to trusted B2B and B2C brands (HealthCare, Banking, IoT, Big Data, and cutting edge Web & Mobile Applications). With over 750 employees spread across the USA, Europe, and India, 40 different nationalities combined; we create compelling digital experiences to help our clients create the best human-centric products. Our expertise includes Strategy, Design, Product Engineering, Analytics, and Cloud Services. Each day, 50 million users interact with our solutions.
Our teams are inspired by technology but it doesn’t rule them. We love to learn, we are curious by nature and committed to making a mark. Working at Mobiquity means that sometimes you’ll be working outside your comfort zone, and you’ll work with smart people, possibly some that are even smarter than you. We value people that judge their success by the success of the team and the happiness of customers.
We’re also proud to be an Amazon Web Services (AWS) Premier Consulting Partner.
What you’ll be doing
- Ensure new projects are scoped, implemented and deployed in a secure manner,
- Provide application security expertise to customer project delivery teams throughout the Mobiquity Software Development Lifecycle (SDLC),
- Review static code analysis findings for exploitability and provide recommendations to developers for remediating findings,
- Perform validation and testing on mobile and web applications to ensure products meet internal requirements and industry standards for software security,
- Provide security subject matter expertise and consultation to internal Business Units and Customers,
- Maintain, apply, and enhance security architecture, development, testing, operations, and compliance standards throughout the organisation,
- Coordinate with the IT, Operations, and Delivery teams to ensure adherence to strong SDLC tools and processes and training in secure coding and testing best practices,
- Perform security internal audits on new projects,
- Perform risk assessments on vendors, tools, and processes,
- Advice on strategy or new and existing compliance standards for Mobiquity and customers,
- Support and manage internal security operations functions, including security awareness, vulnerability management, and incident response,
- Consult with IT and Delivery teams on forensic analysis of breaches and exploits,
- Maintain, apply, and enhance a set of materials for internal and external use related to Mobiquity security posture and on-going expertise,
- Assist with the creation of periodic blog posts and other market-facing content on topical security subjects,
- Represent Mobiquity with industry leaders, analysts and standards bodies in areas related to security and compliance,
- Provide other security, compliance, and technical tasks as assigned by the Director of Security Engineering,
- Conduct point in time risk assessments for major project milestones and deliverables, and advising client delivery with communication and decision making for residual security risks.
What it takes to excel in this role
- Experience with pen-testing
- Experience with AWS technologies and other cloud technologies
- Experience with Mobile (Android and iOS) application architecture,
- Ability to understand, explain, and demonstrate various security vulnerabilities & risks including XSS, CSRF, Code Injection, MitM, Brute-force/Dictionary/Rainbow Table attacks
- Experience explaining technical and security concepts to both technical and non-technical resources in a consultative role
- Excellent oral, written, and interpersonal communication skills,
- Knowledge of industry regulations such as GDPR and HIPAA, or other industry standards such as PCI DSS, ISO 27001, or OWASP,
- Experience delivering security training to security professionals, engineers, and non-engineers,
- Experience applying security best practices in an agile development environment using modern secure development lifecycle frameworks such as Microsoft SDL and OWASP SAMM 2,
- Excellent planning, organizing and time management skills
- Experience with system administration of Linux based systems, database technologies, endpoint security, security logging, and monitoring systems,
- Experience with OIDC, Oauth2, SAML,
- Experience with key management, secrets management,
- Experience with container and serverless technologies.
Applicable Certifications include
- Certified Ethical Hacker (CEH),
- Certified Information Systems Security Professional (CISSP),
- AWS Certified Security - Specialty.
And if you have a passion for technology, then we’re looking for you!
What we offer
- Competitive salary
- 25 holidays
- Pension plan
- Travel costs compensation
- Training via our Mobiquity Academy
- Health insurance compensation (€100,- per month)
- Free fruits, Friday breakfast, lunch and afternoon drinks, and lots of fun in the office including a game room with pool & ping pong table, Xbox…
- A collaborative learning environment and cool creative and innovative projects
- When you are not working at a client’s location, join us in our Amsterdam office
- We invest in your growth, success, and happiness, and celebrate the world-class work you produce
- We are famous for our healthy work-life balance and being really flexible.
For candidates from outside of The Netherlands, we offer a relocation package including support in obtaining a knowledge migrant work permit, 30% tax ruling application, finding rental accommodation, and a flight ticket.
Do you have what it takes? Follow our instructions below to apply.
After giving your consent in the section below, please upload your resume and details. Have questions before applying? Please address them to our recruiter: Zeynep Tunalioglu - [email protected]