Keystone Solutions

Security engineer

Posted: just now

Job Description

Mission Overview:

Keystone Solutions is hiring a Security Engineer focused on Application Vulnerability Management for a consultancy mission at a banking-sector client in Brussels. As a Keystone Solutions consultant, you will drive the end-to-end lifecycle of application security vulnerabilities, partnering with development, architecture, risk, and operations teams at the client to embed secure-by-design practices, reduce risk, and strengthen regulatory compliance within a complex enterprise environment.

Consultancy Nature of Work:

This is a consultancy role delivered by Keystone Solutions on-site and in hybrid mode at the client’s Brussels location. You will represent Keystone Solutions while integrating with the client’s product, platform, and risk stakeholders, bringing our standards, values, and best practices to every engagement. Expect direct interaction with senior business and technology leaders, clear delivery objectives, and the opportunity to influence and improve the client’s secure SDLC and vulnerability management processes.

Key Responsibilities:

  • Own and operate the application vulnerability management lifecycle for the client, from detection and validation to prioritization, remediation tracking, and closure.
  • Run, tune, and continuously improve application security testing across SAST, DAST, SCA, container and cloud scanners, and manual validation where needed.
  • Perform triage of findings (false positive analysis, deduplication, exploitability assessment), apply CVSS scoring, and align with risk appetite, SLAs, and regulatory expectations.
  • Collaborate with development and platform teams to plan and implement remediations, workarounds, or compensating controls; support patch management coordination where applicable.
  • Integrate and automate vulnerability workflows with CI/CD pipelines and ticketing systems to enable shift-left and continuous security testing.
  • Define and maintain secure coding standards, OWASP ASVS-aligned requirements, and guardrails; contribute to threat modeling and secure design reviews for critical applications.
  • Coordinate targeted penetration tests, support red team exercises, and manage bug bounty triage in alignment with the client’s policies.
  • Establish dashboards and KPI/KRIs for application security posture; create executive and technical reporting for risk committees and product owners.
  • Manage exception processes and risk acceptance with time-bound remediation plans and temporary controls.
  • Contribute to policy and process improvements aligned to OWASP, NIST SSDF, ISO/IEC 27001/27034, and banking regulatory frameworks (including DORA readiness).
  • Provide hands-on guidance, secure coding clinics, and knowledge transfer to engineering teams to foster a strong security culture.
  • Respond to emerging threats and zero-day exposures with rapid assessment, impact analysis, and interim mitigation strategies.
  • Ensure segregation of duties, proper access management for security tools, and data protection throughout scanning and reporting.
  • As a Keystone Solutions consultant, document and communicate deliverables clearly, uphold consulting quality standards, and support continuous improvement across the client engagement.

Required Skills and Experience:

  • Proven experience in application security or vulnerability management in complex, regulated environments (financial services experience strongly valued).
  • Deep knowledge of OWASP Top 10, OWASP ASVS, CWE, and practical remediation strategies for web, API, and mobile vulnerabilities.
  • Hands-on with application security tooling such as SAST (e.g., Checkmarx, Fortify), DAST (e.g., Burp Suite, OWASP ZAP), SCA (e.g., Snyk, Black Duck), container and IaC scanners, and code review practices.
  • Solid understanding of secure SDLC and CI/CD integration (e.g., GitLab/GitHub/Azure DevOps), including automation of security gates and quality thresholds.
  • Ability to analyze risk using CVSS, map to business impact, and prioritize remediation according to SLAs and regulatory constraints.
  • Familiarity with frameworks and standards relevant to banks, such as NIST SSDF, ISO/IEC 27001/27034, PCI DSS (where applicable), and DORA preparedness.
  • Practical knowledge of at least one major programming ecosystem (e.g., Java, .NET, JavaScript/TypeScript, Python) to propose concrete remediation guidance.
  • Experience with ticketing and reporting workflows (e.g., Jira, ServiceNow) and building stakeholder-centric dashboards.
  • Strong communication skills to explain risk and remediation trade-offs to both engineers and non-technical stakeholders.
  • Fluent in English; French and/or Dutch is an asset in the Brussels context.

Nice to Have:

  • Knowledge of cloud security for AWS, Azure, or GCP and associated application scanning approaches (serverless, containers, Kubernetes).
  • Experience coordinating or performing penetration testing and threat modeling at scale.
  • Certifications such as CISSP, CSSLP, GWAPT, OSWE, or equivalent practical track record.
  • Exposure to data protection and privacy-by-design in application architectures.

Dynamic Projects:

  • Work on diverse products within the client’s application landscape, from customer-facing banking portals and APIs to internal platforms and microservices.
  • Address varied technology stacks and delivery models, enabling you to broaden your technical and consulting toolkit.
  • Contribute to future Keystone Solutions missions across other clients and sectors as your journey progresses.

Turbo-Charged Learning and Development:

  • Continuous learning culture with access to curated training paths, certifications support, peer coaching, and knowledge-sharing communities.
  • Guidance from senior Keystone Solutions consultants and practice leads to accelerate your technical depth and consulting impact.

Ambition Skyrocketing within a Consultancy Framework:

  • A clear growth path through increasing mission complexity, ownership of client outcomes, and the opportunity to mentor others.
  • Recognition for measurable impact—improving security posture, reducing risk exposure, and elevating secure engineering maturity at client sites.

Emphasizing Keystone Solutions’ Values in a Consultancy Context:

  • We deliver with integrity, excellence, and empathy—being a K-Stone means bringing these values to every client interaction.
  • We collaborate openly, challenge constructively, and champion pragmatic security that enables the client’s business.
  • We take ownership end-to-end, ensuring traceable outcomes, clear communication, and sustainable improvements.

Practical Details:

  • Location: Brussels, client site in the banking sector; hybrid on-site/remote according to client policy.
  • Engagement: Full-time consultancy mission through Keystone Solutions, with the possibility of subsequent projects across our client portfolio.
  • Start: As soon as available, aligned with client onboarding timelines.

If you are ready to tackle technical and strategic challenges in a dynamic consultancy environment, apply today at Keystone Solutions Career Portal.
