On-site role (up to 2 remote days/week after onboarding)
Freelance mission – 12 months renewable
Daily rate: €650–€750 (depending on experience)

About the Role

We are looking for a hands-on Application Security Engineer to strengthen security across our software development lifecycle within a high-availability healthcare software environment.

This is a technical practitioner role, not purely governance or advisory. You will work directly with application code, libraries, configurations, and CI/CD pipelines to remediate vulnerabilities and help development teams build secure software by design.

You will collaborate closely with:
- IT Development & Application Teams
- Infrastructure & DevOps Teams
- Cybersecurity Team (prioritized vulnerability backlog)
- OS-level Security Engineers

If you enjoy working at the intersection of Security, Engineering, and DevSecOps, this role is for you.

Your Mission

Own vulnerability remediation after triage and drive continuous application security improvements across the organization.

Key Responsibilities

Vulnerability Analysis & Remediation
- Analyze and remediate vulnerabilities from SAST, DAST, SCA tools, pentest reports, Qualys, and similar scanners
- Fix issues directly in application code, middleware, configurations, libraries, and dependencies
- Distinguish real risks from false positives
- Resolve dependency conflicts and legacy component challenges

Secure Software Development
- Perform secure code reviews
- Conduct architecture security assessments
- Participate in threat modeling sessions
- Support secure design decisions

DevSecOps & CI/CD Integration
- Integrate security tooling into CI/CD pipelines (GitLab, Azure DevOps)
- Implement security gates and automated controls
- Automate vulnerability detection and prevention
- Contribute to DevSecOps maturity improvements

Security Maturity & Technical Debt Reduction
- Reduce technical debt via structured remediation
- Provide risk-based remediation recommendations
- Improve overall application security posture

Tech Environment
- CI/CD & DevOps: GitLab, Azure DevOps, Docker, Kubernetes
- Security Tooling: SAST / DAST / SCA, Qualys, pentest tooling
- Tech Stack: Java (Spring Boot), , TypeScript, Angular, .NET (nice to have), Python (nice to have)
- Standards: OWASP Top 10, secure coding frameworks
- Environment: Local data center – high-availability healthcare software systems

Required Profile

Technical Background
- Strong software engineering foundation (able to read and modify production code)
- Proven experience in application security or secure development
- Solid understanding of OWASP Top 10 vulnerabilities
- Hands-on remediation at code and configuration level
- Experience integrating security into CI/CD pipelines
- Strong DevSecOps mindset
- Ability to prioritize vulnerabilities based on risk

Soft Skills
- Comfortable in high-availability environments
- Strong collaboration with development and infrastructure teams
- Structured, pragmatic, solution-oriented mindset
- Clear technical communication

Languages
- English: Full professional proficiency
- French: Professional working proficiency

Nice to Have
- Threat modeling methodologies
- Cloud security exposure
- Enterprise vulnerability management experience
- API / middleware security knowledge
- Familiarity with IAST or modern SaaS security testing platforms