Application Security and SSDLC professional


Job information

Company: Deloitte

Location: Amsterdam


Terms of employment: Market-competitive


Your function as application security and SSDLC professional

The first SQL injection became known to the world around Christmas 1998. Almost 20 years later, the world of software and application security is still extremely complex, challenging, and attractive for hackers as well as skilled security software engineers. The Deloitte Netherlands Cyber Secure team provides consulting services to customers across industries (from multinational corporations to small regional players), working together on the quest to increase the security of software and applications. We are looking for builders, breakers and defenders.

Topics and type of engagements you can expect to work on:

  • Manual security code reviews.

  • API security.

  • Static and dynamic application security testing using tooling such as Checkmarx, Fortify, WebInspect, Veracode, and others.

  • Building security into the software development life cycle, and Agile SCRUM sprints.

  • Security within continuous integration, development and release processes.

  • Providing secure coding training to customers.

  • Vulnerability management.

  • SSDLC.

Role-related activities

  • Directing team members in terms of content and professional skills.

  • Be able to communicate a strong vision towards clients regarding SSDLC.

  • End to end project management of SSDLC related projects.

  • Perform a QA role on project deliverables and provide a high quality result.

  • Financial monitoring of projects you manage.

  • Advise customers and propose technical solutions which both fit within the customer environment and that might be integrated with other Cyber Risk Advisory services.

  • Client relationship management.

  • Manage relations with market, suppliers and SSDLC security expert groups.

  • Be proactive in business development and in acquiring new projects in your field of expertise.

  • Adding value to commercial processes and expanding the network of senior stakeholders at our clients.


Candidates should have at least a Computer Science (Bachelor's) degree or similar and a drive to keep developing themselves. Education as an Application Security professional never stops, and we expect our professionals to keep developing themselves and stay up to date with current techniques and new vulnerabilities. In exchange, we provide an extensive training and development program and access to conferences. We welcome you in our Capture the Flag Hack.ERS team.

We expect understanding of security concepts (e.g. OWASP, SANS, CVE) and experience and passion in software engineering (coding background).

As the majority of the work will be performed on-site for our Dutch and international client base, we expect strong communication skills and professional proficiency in the English language.

What are we looking for?

  • Minimum 6 years of relevant work experience

  • Knowledge of secure software development processes, such as SAMM, BSIMM, ISO27034.

  • Extensive experience in conducting and managing SSDLC projects.

  • Good leader, excellent communication skills (spoken and written), the ability to lead a project, able to head teams (Customer and/or Deloitte team) and build good business relations.

  • A holistic understanding of security and a good overview of all aspects within security (prevention, detection and response); relevant certifications (such as GICSP, CISSP, CISM) are an added value.

  • A team player who is eager to collaborate, both with experts in their own field and with experts from elsewhere within Deloitte, on the best solutions for our customers.

  • Experience in working in a commercial environment is a plus.

  • Stress-resistant, flexible and accurate.

Above all, we are looking for a new colleague who combines a passion for security with a keen interest in creating secure software. Do you want to combine fast software development with creating secure software? Do you think security should help organizations to move faster? Then we might share the same line of thinking and approach and would love to get to know you!


We are a team of technology enthusiasts, hackers yet professionals, who are passionate about helping our customers improve and become ready to enter the world of hacktivists, organized crime, and even nation-state actors. We work as part of one big team of more than 100 geeks, each with their own area of expertise: SSDLC, red teaming, medical device security, SCADA, incident response, infrastructure protection, cloud security, etc. We collaborate, share and learn from each other.

Your career path at Deloitte

With offices throughout the Netherlands and well over 5,500 employees, Deloitte is a leading firm in Audit, Tax, Consulting, Risk Advisory and Financial Advisory. Our auditors are market leaders in several market segments. This means you will be working with ambitious, highly educated colleagues, often in multidisciplinary and international teams. Our business culture is pleasant and open, and leaves much room for innovation and starting your own initiatives. Our employment benefits suit your ambition and needs and include an excellent leased car scheme, a laptop, an iPhone, and an excellent pension scheme. Top talent rises fast in our organization. Of course we will help you where we can, with a balanced training program, a customized competence model and continuous feedback.
