Who we are
Approach Cyber is a trusted cyber resilience partner supporting organisations across Belgium and Switzerland.
With more than 25 years of experience, over 100 experts, and ISO 27001 and ISO 27701 certifications, we help companies face an increasingly complex digital world where threats accelerate, regulations expand, and resilience becomes essential.
We uniquely combine strategic advice, offensive and defensive expertise, SOC operations, and product engineering with the sovereign AXS Guard managed security platform.
This allows us to continuously evolve our technologies based on real incidents and real operational experience, while integrating selected third-party solutions when relevant, always under our governance.
By bringing together strategic advice, adaptive security technologies, and continuous operational defence, Approach Cyber delivers end-to-end cyber resilience and true digital peace of mind.
Who we are looking for
As an Application Security Consultant, you will integrate our Application Security services.
Together with our 15 experts, we develop, maintain, support and host Specialized Softwares. Our expertise is two-fold:
* Proposing our expertise to clients' development teams in securing their Software Development Life Cycle (SSDLC or Secured-SDLC).
* Developing highly secured softwares (Security by design) based on customer's requirements (e.g. itsme – authentication app) ;
In this frame, we are recruiting an Application Security Consultant who will play a key role in our application security services growth over the next years.
Your role
As an Application Security Consultant your main role will be to act as a Security Champion for our customers.
This means:
* Operationalise (technically) the concept of Security by Design/Default in its four components: the availability of applications and underlying systems, the integrity (non-alteration) of data, the confidentiality (non-disclosure) of data and processing, and finally the traceability of actions performed on the system.
* Give guidance on establishing a secure software development lifecycle (Secure-SDLC / DevSecOps),
* Help development teams to integrate application security best practices (e.g. OWASP ASVS), and security tooling/processes in their development pipeline (SAST, DAST, SCA, CVE follow-up, ...),
* Ensure that the security requirements of all the components of a solution are properly identified based on the requirements issued, the Information Systems Security Policy and best practices.
* Assist architects in designing secure solution components, considering the client's application and business context, and the technologies available on the market.
* Contribute to assess an existing SDLC (i.e., SAMM Assessment)
* Verify the application of security requirements, in particular security test scenarios. Ensure that tests are carried out before any production launch.
* Provide security support in specific areas of expertise.
* Finally animate training and coaching sessions to new security champions at client.
Depending on your interests and personality, you might be interested in taking on more responsibility within our organisation. And that's exactly the opportunity Approach offers you!
You could bring your energy on Solution Owner responsibilities explained as:
* Technology watch: You will follow new tools, technical evolutions and industry trends, and share your knowledge with the team. This proactive approach will ensure that our offerings remain cutting-edge, relevant, and aligned with our clients' ever-evolving needs.
* Relationships strengthening with our trusted business partners/suppliers: You will evolve to become our key representative in application security associations, or during application security events/conferences/meetings.
* Asset creation: Developing new assets and methodologies to complement and enhance our solutions will soon be part of your responsibility. These assets and methodologies will not only increase the efficiency of our solutions but also support and empower your colleagues in delivering high-quality results.
* Presales engagements: Participate in presales meetings around application security and help our Sales team in defining our customers' needs.
Based on the current business dynamic through this team and our people organisation itself, you could also take other responsibilities as Technical Leader for a part of our current team and so become a key technical player.
This role include:
* Mentorship on application security projects: Providing guidance and mentorship to team members, especially those less skilled in application security, will be crucial. Your support will be to help them navigate complex missions, leading their professional growth and ensuring successful project outcomes.
* Support on development and devops projects: Bringing a higher view to support and help our developers on their development and devops tasks, make technology choices or debug some scenario's on technologies like .NET, Angular, Azure, Azure devops, OAuth (KeyCloak), ...
YES, you read it right. This isn't just a job to be done, but a project to be completed.
And this project will certainly take your career to the next level.
Your profile
* Significant experience, which we estimate to be 5-6 years, giving you the opportunity to work in a variety of technical environments and improve your skills in application security technologies.
* You have hands-on knowledge in development, whatever the language. We need a jack of all trades who has gained experience in a variety of technical environments. For your information, at Approach we mainly use C# (.NET), Javascript (Angular) and Java (Spring).
* You have a proven skillset on application security technologies, concepts and best practices. OWASP website is in your browsers' favourites. You've already being involved in implementing a SAST/DAST (Fortify, Sonarqube or equivalent), you've made vulnerabilities follow-up, devsecops, web app security, SSDLC (Secure-SDLC), application security by design, ...
* You have professional working knowledge of both written and spoken English, and one of our main national languages (French or Dutch).
Mindset:
* Strong self-motivator and entrepreneurial pro-active attitude
* Strong analytical and problem-solving skills
* Natural team player, together with project management and presentation skills.
* Ambassador for the professional values that are at the heart of our philosophy:
* TOP-NOTCH We strive for best-of-the-best while staying up to date with the latest technology.
* HUMAN-CENTRIC We care about people in the digital world, listening before interacting respectfully in a responsible environment.
* NO-NONSENSE We go for it, we work together, we are committed to deliver, to exceed expectations.
Our offer
* Join a dynamic and fast-growing company in a booming sector
* Participate in the development of the company as an internal entrepreneur in your own team
* Develop your career path in a diversified function combining commercial development, people management and strategical impact.
* Enjoy a company that put a priority to learning opportunities and continuous trainings.
* Benefit from an attractive salary package, including a full range of benefits :
* A CDI contract
* A mobility budget or a company car, according to your function level
* A competitive group insurance including pension fund, death, and disability coverage,
* An attractive complementary insurance for non-work-related accident and loss of salary in case of sickness, company fully supported contribution
* 32 days holiday/year (on a fulltime equivalent basis)
* A flexible home working policy
* Other fringe benefits (meal vouchers, eco vouchers, ...)
* Fun company events, exclusive team experiences
* Contribute to a safer, fairer world for data subjects and citizens, ensure the serenity of great businesses and essential public institutions
* Live your values daily in a dynamic, fun and multicultural working environment.
Interested ?
Don't wait, send us your CV and application to jobs@approach-cyber.com. Join us in our commitment to ensuring cyber serenity and contributing to a safer digital world.