For our client in Amsterdam, we are looking for an IT Security Officer (Coding and Secure code review).

This request is not suitable for zzp.

This is a deta perm request!

The Mission 

Keeping the company safe, secure and compliant is a top priority at our client.

As part of the IT Security team your focus will be on providing security subject matter expertise and education and instilling the core security mindset and culture. You will be contributing to the delivery of various control improvements, assessing risks, creating awareness in cyber security and act as a security liaison for the delivery teams.

Roles and responsibilities:

Providing IT security advisory and guidance to DevOps teams involved in development & IT operations

Some examples of what you will be doing, and your responsibilities are:

Understand IT risk and security requirements to set specifications for testing and reporting.

Connect to and advice/guide teams with respect to penetration testing and solving issues.

Connect to and advice/guide teams in static and dynamic code checking (SDLC) and solving issues.

Advice/guide teams to secure the CI/CD pipelines and the tooling used

Communicating with the stakeholders to analyse and understand the need and design the solution accordingly.

Job Requirements:

Knowledge and experience:

3-4 years or more (preferably in Software company or Financial institution) in an IT security role

Experienced in (Java) coding, or at least secure code review and remediation

Understanding of network and web related protocols (such as TCP/IP, UDP, IPSEC, HTTP, HTTPS, protocols).

Understanding of typical security vulnerabilities and how to remediate them (for example OWASP top 10)

Familiar with ISO2700x, NIST, ISF, CIS and similar frameworks

Nice to have: relevant security certifications (e.g. ISC2 SSCP/CISSP, CompTIA Security+, EC-Council CEH)

Nice to have: experience with Checkmarx, or similar secure code tooling

Competences:

Hands-on mentality, adopt a problem and actively work to solve it

Excellent written and verbal communication skills – ability to explain technical solutions to both technical and non-technical audiences;

Strong sense of ownership, urgency, and drive

Customer-focused and enjoy working as part of a team

Strong capabilities to build internal confidence in a situation of constant change

Strong problem solving and analytical thinking - ability to diagnose and resolve ambiguous problems;

Strong resilience to stress and constructive and collaborative mindset;

Willingness to continuously improve skills;

Additon, what we are not looking for:

A ‘lead’ or a ‘manager’

An ‘architect’

A ‘GRC’ manager

A full time penetration tester (although experience as a pen tester would be a big +)