Application Security Engineer

#Bethedifference

If making the difference matters to you, then you matter to us.

Join us, at Wolters Kluwer, and be part of a dynamic global technology company that makes a difference every day. We’re innovators with impact. We provide expert software & information solutions that the world’s leading professionals rely on, in the moments that matter most.

Wolters Kluwer is a global leader in information services and solutions for professionals in the finance, tax and accounting, risk and compliance, health and legal sectors. We help our customers make critical decisions every day by providing expert solutions that combine deep domain knowledge with specialized technology and services.

Wolters Kluwer is seeking a skilled Application Security Engineer to join our Security team and play a crucial role in ensuring the security of our systems and applications. As a Security Engineer, you will collaborate closely with product teams, developers, and operations to integrate security into all aspects of our software development lifecycle.

Responsibilities:

• Conduct ethical hacking, penetration testing, and vulnerability assessments to identify and mitigate security risks across our network, cloud environments, and applications.
• Design and implement security controls and processes for cloud environments, focusing on identity and access management, encryption, network security, and logging.
• Collaborate with development teams to integrate security best practices into the software development lifecycle, including threat modeling, secure coding guidelines, and security testing automation.
• Manage and configure web application firewalls (WAFs) to protect against web-based attacks and intrusions.
• Work with other security engineers, penetration testers, and information security analysts to address security vulnerabilities and incidents.
• Develop and conduct security training and workshops for development teams, focusing on topics such as secure coding practices and social engineering awareness.

Requirements:

• Bachelor's degree in computer science, information technology security, or a related field.
• Security certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or equivalent.
• 3+ years of experience in product security engineering, cloud security, or ethical hacking.
• Proficiency in cloud platforms such as AWS, Azure, or Google Cloud Platform, and experience with security automation and infrastructure-as-code tools.
• Strong understanding of security principles and best practices, including OWASP Top 10, encryption, cryptography, and security testing methodologies.
• Hands-on experience with security testing tools and techniques, including SCA, SAST, IAST/DAST, and web application security testing.
• Excellent problem-solving skills and the ability to work in a fast-paced environment.

Nice to have:

• Certifications such as Microsoft Azure Security Technologies (AZ-500), AWS Certified Security – Specialty, or Certified Cloud Security Professional (CCSP).
• Experience with container security technologies such as Docker and Kubernetes.
• Familiarity with security compliance frameworks such as NIST CSF, ISO 27001, ENS.