My client is seeking an experienced Application Security Engineer to join a busy Security Management team based in Cologne on an initial 4-6 month contract. The successful Application Security Engineer will be responsible for consulting the business on security for the SDLC, processes and technology & tools alongside monitoring compliance & security requirements and troubleshooting issues. You will be tasked with analysing key business applications from a security perspective, identify threats / issues and develop plans and remediation strategies for security issues. You ideally have an in-depth knowledge of applications, software security, networks, data and encryption protocols, API design, operations and cloud security patterns.
- Hybrid working – 80% Remote – ideally 1 day per week onsite in Cologne
- 4-6 months contract – extensions likely
- Candidate must be eligible to Freelance within Germany / EU
Skills & experience required:
- Demonstrable experience within Application Security / InfoSec / Engineering
- Strong grasp of DevOps & DevSecOps practices –
- Hands-on experience within Security Application Engineering & testing tools (BurpSuite, OWASP Zap, OWASP Amass, Metasploit)
- Cyber Security experience with a specific focus on application assurance tooling (Static, Infrastructure, Real time and Dynamic Security tooling and processes)
- Excellent Testing, Analysis and vulnerability testing / code review – Kali, Nessus, SAST/IAST/DAST/RASP.
- Ideally have experience of E nterprise Cloud technologies – Azure, Openshift, Docker, Kubernetes
- Shell Scripting and programming languages (Python, Java)
- Experience of implementing and/or supporting operational teams
- Ideally hold relevant qualifications (OSCP, CSSLP, CEH, ISSEP, Ethical Ninja)
Application Security Engineer – InfoSec – Cologne – Hybrid working – 80% Remote