Job Specifications
Can’t wait to make an impact on the world? You’re not alone. Join us in driving progress in the working world and beyond. Your journey with us
The Application Security Compliance Engineer will play a key role in safeguarding the organization’s applications and systems by ensuring adherence to global and industry security standards. This role involves reviewing security documentation for new and existing applications, assessing their compliance posture, and providing expert guidance on remediation and secure development practices. The ideal candidate will have deep knowledge of application security, penetration testing methodologies, and secure software development lifecycle (SSDLC) frameworks.
Key Responsibilities:
Review and assess security documentation (e.g., security design reviews, risk assessments, and threat models) for new and existing applications.
Ensure that applications comply with internal Global Security Standards and external industry frameworks (e.g., ISO 27001, NIST, OWASP).
Collaborate with application development teams to integrate security into all stages of the SSDLC.
Analyze and validate results from DAST, SAST, and Open Source Software (OSS) scanning tools, ensuring findings are accurate and risk-prioritized.
Review and validate penetration testing findings, providing guidance on remediation steps and challenging results when discrepancies arise.
Partner with pen test teams, developers, and project managers to track and close security findings within defined timelines.
Provide expert advice on secure coding practices and assist in the evaluation of security controls in new applications or technologies.
Stay current with emerging threats, vulnerabilities, and application security trends.
Contribute to continuous improvement of the organization’s security review and testing processes.
Let's talk about you
Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent practical experience).
4+ years of experience in Application Security, Penetration Testing, or Security Assessment roles.
Strong understanding of application security principles, OWASP Top 10, and common attack vectors.
Hands-on experience with DAST, SAST, and OSS vulnerability scanning tools (e.g., Burp Suite, Snyk, Checkmarx, Fortify, SonarQube, etc.).
Familiarity with secure coding standards and the Secure Software Development Lifecycle (SSDLC).
Ability to interpret and evaluate penetration testing results, identifying false positives and prioritizing true risks.
Excellent communication skills with the ability to articulate security risks to technical and non-technical stakeholders.
Strong analytical and problem-solving abilities with attention to detail.
Professional certifications such as OSCP, CEH, CISSP, CSSLP, GWAPT are plus
Understanding of cloud security principles (AWS, Azure).
Highly skilled and motivated professionals in our IT Team support with different projects to deliver innovative solutions and with specialized operational guidance to ease our internal clients each day. IT's mission is to embed technology which supports the 'Deloitte way' of doing business, providing a distinctive experience that enables new business, transforms the existing business and provides world class customer support.
Who is Deloitte?
We provide industry-leading audit and assurance, tax and legal, consulting and related services. We are committed to driving innovation across offerings to help our clients address their challenges, while giving our professionals opportunities to learn and grow in this era of transformation.
In Belgium, +5000 dedicated professionals active in +10 offices, take great pride in bringing multidisciplinary expertise to a wide variety of clients, from national and international companies, small, fast-growing and large organizations to public institutions and governmental authorities.
Why Deloitte?
Be the true you! We foster diversity and inclusion and encourage you to bring your authentic self to work. Explore, question and collaborate while building a career that inspires and energises you.
Never stop growing! Diversity of thought makes us stronger. At Deloitte, we tailor a personalized learning experience, offering you the opportunity to grow at your own pace and achieve maximum impact.
We practice what we preach! As a Purpose-led organisation, at the heart of everything we do is a set of timeless principles and unifying values.
Life looks different for each of us, so we created a varied benefits package that you can tap into:
My Benefits My Choice, a flexible rewards plan tailored to your lifestyle and priorities
Sustainable transport options offered by Mobility@Deloitte
Flexible work arrangements for all and initiatives supported by Parents & Caregivers @Deloitte
Wellbeing tips and activities powered by Energise@Deloitte
Topped off with other health benefits and insurance opportunities
Empowering our employees with flexible work arrangements remains essential