Application Security Specialist

About the Job 

At Allianz Technology, our Information Security Operations team is the core driver behind our cybersecurity strategy, continuously developing global solutions to safeguard Allianz against evolving threats. As part of this mission, Allianz Vulnerability Management (AVM) plays a critical role in detecting, analyzing, and reporting vulnerabilities across business and technological systems

We are now looking for a more senior-level Application Security Specialist to join our Web Application Security team. In this role, you will lead large-scale web application security assessments, guide strategic remediation efforts, and provide expert consultancy to stakeholders. You will leverage your advanced expertise in application security to drive technology integration, promote secure SDLC processes, and ensure the protection of Allianz's business applications. This is an exciting opportunity for someone with a deep understanding of application security and a passion for tackling complex challenges.

What you do

• The Application Security Specialist will be part of the Web Application Security team– Allianz Vulnerability Management global Security Service, responsible for performing web application security assessments, vulnerability assessments, as well as providing consultancy and expert guidance to relevant stakeholders and tracking strategic and tactical remediation efforts.
• Perform large-scale, enterprise vulnerability assessments of web application security via Qualys WAS and similar tools
• Drive architecture and integration of the application assessment technology stack, API integrations with DevSecOps workflows and promote SDLC process.
• Guide organization and IT counterparts in resolution of the common exposures and vulnerabilities, provide expertise in mitigating actions and shielding of the business applications.
• Develop mitigation strategies and provide appropriate advice to solve existing issues and prevent future issues

What you bring

• Excellent knowledge of application security and SDLC process
• Excellent knowledge of industry-standard tools, methodologies and standards (OWASP TOP10)
• 3-5 years of hands-on experience with web application security testing
• 3-5 years of hands-on experience with Qualys Web Application Scanning (WAS), Nessus and similar tools
• Broad background in Application Security and Vulnerability Management end-to-end process, including WAFs
• Very good social and communication skills
• Familiarity with risk management process and ISMS frameworks (ISMS 27001)
• Develop internal and/or external documentation, such as detailed procedures, playbooks, and operational metrics reports
• You must possess and demonstrate the ability to work fully independently and solve complex problems or situations based on multiple sources of information,  volatile situations, uncertainty and ambiguity.
• Bachelor of Science in either Information Technology or Information Security or comparable education
• Very fluent in English language (business communication)

What we offer

• We offer a hybrid work model which recognizes the value of striking a balance between in-person collaboration and remote working incl. up to 25 days per year working from abroad.
• We believe in rewarding performance and our compensation and benefits package includes a company bonus scheme, pension, employee shares program and multiple employee discounts (details vary by location).
• From career development and digital learning programs to international career mobility, we offer lifelong learning for our employees worldwide and an environment where innovation, delivery and empowerment are fostered.
• Flexible working, health and wellbeing offers (including healthcare and parental leave benefits) support to balance family and career and help our people return from career breaks with experience that nothing else can teach.

About Allianz Technology

With its headquarters in Munich, Germany, Allianz Technology is Allianz's global IT service provider and delivers IT solutions that drive the group's digitalization. With more than 11,000 employees in over 20 countries around the world, Allianz Technology is tasked to run, optimize, transform, and innovate the infrastructure, applications, and services together with Allianz companies to co-create the best customer experience.

We service the entire spectrum of digitalization – from one of the industry's largest IT infrastructure projects that spans data centres, networks, and security, to application platforms ranging from workplace services to digital interaction.

In short: We deliver comprehensive end-to-end IT solutions for Allianz in the digital age. We are the backbone of Allianz.

Find us at: www.linkedin.com/company/allianz-technology.

D&I statement

Allianz Technology is proud to be an equal opportunity employer that embraces diversity and commits itself to creating an inclusive work environment for all.

We therefore welcome applications regardless of race, ethnicity or cultural background, age, gender, nationality, religion, social class, disability or sexual orientation, or any other characteristics protected under applicable local laws and regulations.

Join us. Let´s care for tomorrow.

You. IT.

To Recruitment Agencies:

Allianz Technology has an in-house recruitment team that sources great candidates directly. Therefore, Allianz Technology does not accept unsolicited resumes from agencies or search firm recruiters.

When we do work with recruitment agencies, that engagement is formalized by a contract. Fees will only be paid when there is a contract in place. Without a contract in place, we will not accept invoices on unsolicited resumes, even if the candidate was ultimately employed by Allianz.

75438 | IT & Tech Engineering | Professional | Non-Executive | Allianz Technology | Full-Time | Permanent