Job Purpose and Summary
We are looking for two strong Application Security Leads to strengthen our Canon EMEA Information Security Department (EISD). These roles will be responsible for ensuring that our projects and applications are held to a high standard of security, by performing security reviews and assessments, providing education and guidance for the implementation of security controls, and by being a security thought leader for our IT initiatives.
What we give
With Canon, you'll get the support and encouragement you need to grow, from people who share your ambition. We'll invest in your professional development to help you learn and progress in your role with us. You'll find leaders who give you the freedom to explore new things and a team where knowledge is shared openly.
At Canon we have a clear vision: to be committed to creating a more inclusive and equitable culture where employees are valued and can thrive personally and professionally.
Canon also has a strong commitment to sustainability, encompassed by our Kyosei philosophy of living and working together for the common good, focused on reducing our environmental impact and creating opportunities to make positive social contribution.
As an Application Security Lead you will:
* Work closely with the business and IT stakeholders, and in close cooperation with all the functions in the Canon EMEA Information Security Department (EISD).
* Act as the security representative within project streams for new and upcoming initiatives.
* Conduct security architecture and design reviews.
* Translate security policies into security requirements for new and existing projects.
* Support project and development teams with relevant security knowledge.
* Assist with the implementation of security design principles.
* Guide development and project teams in the remediation of identified security deficiencies.
* Support the planning and execution of application pentests, and the follow-up of remediation measures.
* Recommend and assist in the implementation of security controls in the SDLC of supported applications.
What we ask
We are looking for the following in our future colleagues:
* Significant working experience in a technical capacity in a Security or IT department, preferably across multiple security domains.
* Demonstrable experience in performing security assessments and security design reviews.
* In-depth security knowledge of computer networks, infrastructure, and cloud platforms, mainly Azure and AWS.
* Experience in software development and Application Security.
* Knowledge and expertise in secure software development lifecycle (SSDLC) is highly desirable.
* Ability to understand, follow up and progress mitigation activities for security auditing reports, penetration testing reports and/or configuration reviews.
* Good stakeholder management and communication skills.
* Experience working in large international organizations and in handling large enterprise projects is a plus.
* Attention to detail.
* Skilled at working independently and collaboratively in a cross-functional environment.
* A continuous learning mindset, to stay up to date with the latest developments in the industry.
* Degrees and certifications are welcome, but are not required.
Knowledge in one or more of the following are highly desirable:
* Secure Architecture and Design principles
* Pentesting tools and techniques, and experience in performing pentests
* Threat Modelling
* Secure coding for common languages and platforms
* Security frameworks, such as OWASP, NIST CSF, CIS etc.
* Understanding of EU and international compliance requirements, such as GDPR, PCI-DSS, NIS2 etc.
* Containers and serverless technologies
You will need
Competencies
* Confident
* Problem Solving
* Team player
* Self-starter
* Apply Business Acumen
* Focus on the Customer
* Take Ownership and Accountability
Further Information
* Base pay - £67,296 - £ 79,171
* Bonus (10%) - A discretionary bonus scheme that rewards you as you help us achieve our goals.
* Learning & Development - As a Company that encourages continuous learning you will always have resources and support available.
* Work & Home Life Balance - We support with a minimum of 25 days holiday per year, holiday purchase and a flexible working policy.
* Diversity - We are an organization that delivers on a global scale, striving to create a diverse and empowered workforce that reflects the communities we serve.
* Health & Wellbeing - Free private healthcare, an Employee Assistance Programme, partnership with Mental Health First Aid UK with a network of mental health champions and discounted rates to Nuffield Health Gym.
* Employee discount - Up to 38% off products from our Canon store.
* Some other Benefits - Generous Pension, Canon Awards, Discount cards, Cycle to Work scheme, Season ticket loans and charity volunteer days
This role can be performed from either of our HQ locations in Amstelveen (The Netherlands) or Stockley Park (United Kingdom)
Canon champions hybrid working with and a flexible working policy. You will be part of an energetic and innovative environment with more than 50 different nationalities! Lastly you'll find that Canon encourages continuous Learning and Development with a wide range of resources and support available on demand.
Does this seem like a great fit for your career expectations? We're excited to hear from you! Even if you don't meet all the qualifications we still encourage you to apply.
#LI-hybrid
Job Family: IT Security
Job Grade: 13 Canon is an equal opportunity employer. Canon recruits, employs, trains, compensates and promotes regardless of race, religion, national origin, sex, disability, age, veteran status or other protected status as required by law. #J-18808-Ljbffr