Manpower Group, in collaboration with F2A, part of the SD Worx group, is looking for a UN Security Engineer (m / f / x)to join the Milan office.We are looking for an Application Security Specialist to support us in building a best in class application security program from our SD Worx Italy (F2A) headquarters in Milano.The function is open for people from diverse professional background (e.g. development / test / consulting experience) and we are willing to adapt and further grow the function based on the experience and interests of the candidate.You will be working on the following major activities :Assessment and improvement of the maturity of development teams in the use of pentesting, bug bounty, threat modeling architecture reviews, and optionally code reviewGuiding and assisting product development teams in building increasingly secure applications and in improving the security of current productsContributing to security by design & by default and converting this into a continuous improvement process by focusing on awarenessFollowing up on secure product development practices and trends and provide suggestions to further improve our secure development processesAssisting in defining standards for security application development lifecycleImproving automated security testing through various methods and toolsRelevant topics : AppSec, IT Security, SDLC, Agile, DevOps, Penetration testing, Pentest, Security Breach, Ethical hacker, Threat Modeling, OWASP, Application Security, Web Application Testing, Security Testing Automation, TLS, Veracode, SAST, DAST, API, Bug bounty, vulnerability managementAt least 3+ years of experience in software engineeringPrevious coding experience in at least one languageExcellent understanding of web applications, web servers, layer 7 application technologies, frameworks and protocols with respect to application development and deploymentYou are familiar with the foundations of secure development and application security (AppSec / DevSecOps) concepts and practices and you are curious to learn more in this fast changing fieldYou are confident in coaching your fellow software engineersExperience in preventing and mitigating application security vulnerabilities, and more specifically with concepts such as OWASP Top 10 and CWE Top 25Penetration testing and bug bounty experience is beneficial but not requiredPersonal Competences :Fast learner that is not afraid to continuously learn new skills and adapt to a fast changing environmentYou are a team player that is interested in working with product developers or product owners to improve their application security skillsYou take initiative and like to get things doneYou are able to take a pragmatic approach in order to come up with solutions which are simple and feasible while keeping the end user in mindGood English and Italian language skillsOn site or remote working
#J-18808-Ljbffr