Back to All Jobs
Bois, FRA
56 days ago
Information Security Analyst

As an Application Security Engineer working in a dynamic international context, your role extends to collaborating with developers, product owners, engineering and IT staff across various countries, including European countries, the USA, and India. You will carry out and manage security controls withing the secure software development lifecycle of application, ensuring security practices are implemented globally, and providing transparent insights into measurable outcomes. This role is also pivotal in supporting diverse teams through the vulnerability management process, aligning security goals with international regulatory standards and fostering a culture of security awareness across borders.

ROLES & RESPONSIBILITIES

Support the evolution and implementation of the security policies, standards and guidelines, and provide further documented clarifications the corresponding rules, according to the applicable standards, industry good practices or reference documents (OWASP and NIST guidelines, SANS, ISO, CERT, ENISA, ANSSI, BSI…).

Improve the SSDLC practices across Wolters Kluwer’s software, especially to prevent the introduction of vulnerabilities or weaknesses

Roll out reproductible analysis plans or automated tests

Carry out regular operational security checks and reviews

Perform the initial triage and review of application security audits and reports

Support and monitor the secure deployment and hardening of applications and associated systems

Monitor the vulnerabilities in products, systems, and networks

Define repeatable means to detect security vulnerabilities, document mitigations, and assist the definition and implementation of appropriate solutions with required stakeholders

Support the security training and awareness actions

Drive the Threat Modeling practices in cooperation with application teams.

Knowledge/ Skills/ Abilities / Education

Master of Engineering/Computer science or cyber securit

Functional skills

Application Security standards and industry good practices (OWASP Top10, ASVS, …)

ISO and NIST security standards

Industry good practices, evaluation protocols (MITRE, CIS Benchmarks, CSA Frameworks, etc.)

Software development lifecycles and DevSecOps processes

Threat models, associated reference systems and methodologies

International regulations relating to PII processing and data handling (GDPR, HIPAA, etc.)

Vulnerability analysis and triage.

Technical knowledge:

Azure or AWS cloud services

Operating systems: Windows Server, Linux or BSD

Containers, Docker/ Kubernetes

Network protocols, Network Firewalls and Web Application Firewalls

.NET framework, HTML, JavaScript, React and/or NodeJS

Database modeling, SQL, T-SQL, PL/SQL

Cryptography, key management and cryptographic protocols for both data in transit and at rest

Authentication mechanisms and protocols

Application Security Testing tools such as:

Dynamic Analysis: ZED, BURP, AppScan, WebInspect ...

Static analysis: Veracode, Coverity, SonarQube , Checkmarx, Mend, Blackduck…

Threat modeling tools

Version control systems, code and artifact repositories

Standard MS Office skills required in general with advanced Excel or PowerBI skills recommended

Languages

Fluent English, required to collaborate in our international work context.

Soft skills

Motivated by teamwork and collaboration and able to adjust to different levels of the organization

Rigorous and accountable, outcome-oriented and mindful of added value

Strong analytical mind, and an ability to summarize efficiently

Good redacting and verbal communication skills.

Comfortable in a global and evolving work environment.

Show More
Save & Apply Later Applying Later... Click to ApplyI AppliedDidn't Apply
Confirm your E-mail: Send Email
Apply for this job
Next Job »
All Jobs from Wolters Kluwer
5 Wolters Kluwer jobs in Bois
Next Job »
Search Jobs Wolters Kluwer Apply Later
Processing Unique Jobs for You: