My client is seeking an experienced Application Security Engineer to join a busy Security Management team based in Cologne on an initial 4-6 month contract. The successful Application Security Engineer will be responsible for consulting the business on security for the SDLC, processes and technology & tools alongside monitoring compliance & security requirements and troubleshooting issues. You will be tasked with analysing key business applications from a security perspective, identify threats / issues and develop plans and remediation strategies for security issues. You ideally have an in-depth knowledge of applications, software security, networks, data and encryption protocols, API design, operations and cloud security patterns.

  • Hybrid working – 80% Remote – ideally 1 day per week onsite in Cologne
  • 4-6 months contract – extensions likely
  • Candidate must be eligible to Freelance within Germany / EU

Skills & experience required:

  • Demonstrable experience within Application Security / InfoSec / Engineering
  • Strong grasp of DevOps & DevSecOps practices –
  • Hands-on experience within Security Application Engineering & testing tools (BurpSuite, OWASP Zap, OWASP Amass, Metasploit)
  • Cyber Security experience with a specific focus on application assurance tooling (Static, Infrastructure, Real time and Dynamic Security tooling and processes)
  • Excellent Testing, Analysis and vulnerability testing / code review – Kali, Nessus, SAST/IAST/DAST/RASP.
  • Ideally have experience of E nterprise Cloud technologies – Azure, Openshift, Docker, Kubernetes
  • Shell Scripting and programming languages (Python, Java)
  • Experience of implementing and/or supporting operational teams
  • Ideally hold relevant qualifications (OSCP, CSSLP, CEH, ISSEP, Ethical Ninja)

Application Security Engineer – InfoSec – Cologne – Hybrid working – 80% Remote

My client looking to onboard an experienced contract Security Engineer to join an experienced InfoSec Team defining company wide information security strategies, standards and policies. The successful Security Engineer will report to the Group Head of Security and assist with strategic security engineering functions; acting as the “Project & Programme Security Engineer” within the organisations Security Management team.

* 1 day per week in Cardiff

** Inside IR35 – via an accredited umbrella company

*** Good day rate – Dependant on skills

**** 4 month initial contract – extensions highly likely

Main responsibilities include:

  • Maximising Windows Security Investments
  • Support Azure related projects
  • Lead on preparing Migration to managed WAF service
  • CyberArk privileged access management integration
  • Support Optimisation of Enterprise Email Security

Skills & Experience

  • A demonstrable background as a Security Engineer / Security Consultant / InfoSec Consultant from within large global enterprises
  • Relevant, Information Security and Information Technology knowledge. Ideally hold relevant Security / InfoSec certifications (CIGE, CIST, CIAM, CIMP, CAMS, CAP, CISSP, etc.)
  • Microsoft Certifications focussed on security (e.g. Microsoft Certified: Security Operations Analyst Associate / Identity and Access Administrator Associate)
  • Relevant network knowledge of security using Cisco , Palo Alto , F5 technologies and Microsoft Advanced security features
  • Ideally have good experience of Azure Cloud and DevOps
  • Experience of supporting and managing PAM/PSM via CyberArk
  • Be able to act as a point of contact for engagement with management, key stakeholders, 3rd parties & suppliers
  • Have excellent communication skills

InfoSec Consultant – Azure – Cardiff – 80% Remote