Application Security Expert

Flexible, Hasselt
Security, Software Development
Professional

Do you like to conduct application penetration testing and identify vulnerabilities? Would you like to proactively perform threat modeling for new and existing applications?

  • Application Penetration Testing: You will perform manual and automated application penetration testing against web applications, APIs and mobile applications to identify vulnerabilities, business logic flaws and chained attack vectors
  • Threat Modeling: You will lead threat modeling sessions, using methodologies like STRIDE and PASTA to identify, analyze and prioritize threats in application architectures
  • Security Assessments: You will conduct comprehensive application architecture, source code reviews and vulnerability assessments to validate security controls
  • Remediation Guidance: You will collaborate with developers and product teams to explain complex vulnerabilities, provide actionable remediation guidance and verify security fixes
  • Detection Engineering: You will provide our Detection Engineering team with proposals for the development of detection logic to increase coverage of our application security monitoring practice
  • Tooling: You will leverage penetration testing tools (Burp Suite Pro, OWASP ZAP, …) and develop scripts (Python, Bash, …) to automate testing tasks and improve efficiency. You will develop data flow diagrams (MS Threat Modeling Tool, OWASP Threat Dragon, …) and research new application security solutions to add to our toolkit.

What you need to succeed:

  • You have at least 3 years of recent hands-on experience in application penetration testing and threat modeling
  • You have proven experience in conducting and facilitating threat modeling workshops and integrating threat modeling into the SDLC
  • You have a deep understanding of OWASP ASVS, web/mobile app security and cloud security architectures (AWS, Azure and GCP) as well as threat modeling methodologies like STRIDE, PASTA, …
  • You have a degree in Computer Sciences, Information Security or equivalent by experience
  • Certifications like GWAPT, GXPN, GMOB, Burp Suite Certified Practitioner, OSWA, OSWE, … are highly appreciated
  • You have excellent written and verbal communication skills in English and preferably Dutch
  • You are able to coordinate penetration testing and threat modeling assignments and to translate complex technical findings into actionable reports for stakeholders
  • You work collaboratively with cross-functional teams (developers, application owners, managers, …) in a fast-paced environment.

What are we offering:

  • You will be joining a true Top Employer
  • Year after year, Whitelane Research confirms Cegeka’s position as a reliable and leading IT services partner. In 2026, we achieved first place in Security Services for the fourth consecutive year, and a shared second place in both Cloud & Infrastructure Services and Network & Connectivity
  • We ask a lot of (talents) from you. Fortunately, you also get a lot in return! Competence and character are essential to us, in addition to experience and ambitions. Cegeka continuously invests in talent management so that every employee can realize their potential
  • We use a framework aimed at fair compensation, ensuring employees are paid based on their role, experience, and performance, regardless of gender or other non-job-related characteristics. The package includes an electric car with charge card or a mobility budget, meal vouchers, eco vouchers, an interesting group and hospitalization insurance, a mobile phone subscription, a fixed expense allowance, a powerful laptop and the option to give your salary package your own accent thanks to our Flex Reward Plan
  • Flexible working hours and a nice work/life balance
  • A top team: in which new fresh ideas and initiatives are always welcome! Team events, happy hours and an increasingly legendary company party are also part of this
  • Continuous learning: knowledge sharing meetings, participation in conferences and external training. Knowledge sharing and learning are key! Depending on your own interests and initiatives, Cegeka offers various horizontal and vertical career paths
  • We value sustainability by pursuing carbon neutrality with the electrification of our fleet and an environmentally friendly data center. We develop innovative solutions with a positive impact on the environment, people and society, and strive for an inclusive and diverse work environment where everyone is valued and heard.

Benefits

Market-compliant salary with attractive extra benefits.

Continuous learning via hackathons, innovation centers, events, …

Flexible working hours supporting your work/life balance.

Career growth with horizontal and vertical development paths.

Hybrid work model blending office and remote work efficiently.

Personal guidance from managers, coaches, and sparring partners.

ESG: lower emissions, foster inclusion and drive sustainability in IT.

Cegeka proudly holds the Top Employer certificate.

Team events, happy hours, sports events, and an epic company festival.
