About the role

Application Security Lead ensuring high security standards for Canon's projects and applications. Leading discussions, designs, and testing throughout the IT lifecycle.

Responsibilities

Act as the security representative within project streams for new and upcoming initiatives, translating security policies into risk controls for new and existing projects.
Conduct security architecture and design reviews.
Support project and development teams with relevant security knowledge
Assist with the implementation of security design principles.
Guide development and project teams in the remediation of identified security deficiencies.
Support the planning and execution of application pentests, and the follow-up of remediation measures.
Be accountable to business and IT for the planning and execution of application pentests, and the follow-up of remediation measures.
Recommend and assist in the implementation of security controls in the SDLC of supported applications.
Manage the technical security auditing process within Canon’s internal IT transformation program as well as Canon’s B2C program and ensure auditing follow up and mitigation actions.
Manage risks for the area for which they are responsible for and ensure that the overall risk in the portfolio is known and decreasing.
Be visible in the information security industry, by participating in industry events, driving Canon’s vision to be a thought leader in information security

Significant working experience in a technical capacity in a Security or IT department, preferably across multiple security domains.
Demonstrable experience in performing security assessments and security design reviews.
In-depth security knowledge for cloud platforms, mainly Azure and AWS.
Experience in software development and Application Security.
Knowledge and expertise in secure software development lifecycle (SSDLC) is highly desirable.
Ability to understand, follow up and progress mitigation activities for security auditing reports, penetration testing reports and/or configuration reviews.
Good stakeholder management and communication skills.
Experience working in large international organizations and in handling large enterprise projects is a plus.
Attention to detail.
Ability to work independently and as part of a team.
A continuous learning mindset, to stay up to date with the latest developments in the industry.
Degrees and certifications are welcome, but are not required.
Specific security & IT skills:
Secure Architecture and Design principles
Pentesting tools and techniques
Threat Modelling
Secure coding for common languages and platforms
Security frameworks, such as OWASP, NIST CSF, CIS etc.
Understanding of EU and international compliance requirements, such as GDPR, PCI-DSS, CRA etc.
Containers and serverless technologies

Performance-Based Bonus of 12.5%
31 Days of Annual Holiday: Enjoy a healthy work-life balance with plenty of time to recharge.
Pension Plan: Secure your future with our comprehensive pension scheme.
Bicycle Plan: Save on transportation costs while staying active and eco-friendly.
Hybrid Working: Flexibility to work 3 days in the office and 2 days from home.
Commuting: Full coverage of public transport costs or partial reimbursement for car expenses (if you commute by car).
Exclusive Discounts: Up to 40% off on Canon products.
Free On-Site Parking: Convenient parking spaces available for those who drive to work.
Subsidized Restaurant: Enjoy healthy, affordable meals at our excellent on-site restaurant.
Subsidized Starbucks Coffee to keep you energized throughout the day.
Fresh fruit to support your health and productivity.
On-Site Gym: Access our fully-equipped gym, free for all employees.
Canon Social Club: Join sport and cultural activities with colleagues.
Learning & Development Opportunities: We’re committed to helping you grow, with plenty of support for your personal and professional development.