Are you an expert in securing software within highly regulated environments? We are looking for a Senior Application Security SME for a major player in the Pharma/Life Sciences sector. In this role, you will lead the AppSec strategy for internally developed and SaaS applications, ensuring compliance and security in a complex, international landscape. You will act as the primary advisor for a Global Center of Excellence and spearhead the migration of critical security tooling to SaaS platforms.
* Location: Remote (Full remote possible within the EU, preference for Brussels time zone)
* Experience: 8+ years of relevant experience in IT Security/AppSec
Typical Day
* Regular touchpoints (1–2 times per week) with the AppSec Center of Excellence to guide operations, review dashboards, and handle escalations
* Supporting application owners and developers with onboarding, tooling integration questions, and complex AppSec cases
* Driving improvements in AppSec processes, metrics, and documentation
* Leading or contributing to security tooling migrations (Invicti and Sonatype SaaS)
* Collaborating with stakeholders to define roadmaps and improve secure development practices
* Providing expert input on design security reviews, code review reports, and threat modeling when required
Ideal Candidate
* A senior Application Security professional who can take ownership of tooling and processes
* Comfortable acting as a subject matter expert and advisor, not just an operator
* Proactive in identifying gaps, proposing improvements, and driving initiatives forward
* Able to engage confidently with developers, architects, platform teams, and security leadership
* Capable of quickly mastering existing tools and new functionalities to maximize value
Must Have
* Strong experience in Application Security within a custom development context
* Solid understanding of AppSec tooling (e.g. Snyk, Invicti, Sonatype, Intigriti or equivalent tools)
* Experience with secure SDLC, secure coding concepts, and vulnerability management
* Ability to work at expert level by guiding a CoE rather than being fully hands-on day to day
* Experience working in large / complex organizations with multiple stakeholders
* Strong communication skills in English
* Proactive and autonomous mindset
Nice to Have
* Prior experience with specific tools (Snyk, Invicti, Sonatype, Intigriti)
* Security certifications (AppSec, testing, or security-related)
* Pharma / life sciences exposure
* Familiarity with GxP concepts (not mandatory, limited impact)
* Exposure to GenAI / LLM security topics