PManpower Group, in collaboration with SD Worx, is looking for a bSecurity Engineer (m / f / x) /b to join the Milan office. /ppWe are seeking an Application Security Specialist to support the development of a best-in-class application security program at our SD Worx Italy (F2A) headquarters in Milano. /ppThe role is open to candidates from diverse professional backgrounds (e.g., development, testing, consulting), and we are willing to adapt and grow the function based on the candidate's experience and interests. /ppbKey responsibilities include: /b /pulliAssessing and improving the maturity of development teams in pentesting, bug bounty, threat modeling, architecture reviews, and optional code review. /liliGuiding and assisting product development teams to build more secure applications and enhance current product security. /liliContributing to security by design by default, fostering continuous improvement through awareness. /liliMonitoring secure product development practices and trends, providing suggestions for process enhancements. /liliDefining standards for the security application development lifecycle. /liliEnhancing automated security testing methods and tools. /li /ulpuRelevant topics include: /u AppSec, IT Security, SDLC, Agile, DevOps, Penetration testing, Ethical hacking, Threat Modeling, OWASP, Web Application Testing, Security Testing Automation, TLS, Veracode, SAST, DAST, API, Vulnerability management. /ppbTechnical competencies required: /b /pulliAt least 3+ years of experience in software engineering. /liliPrevious coding experience in at least one programming language. /liliStrong understanding of web applications, servers, layer 7 technologies, frameworks, and protocols related to development and deployment. /liliKnowledge of secure development and application security (AppSec / DevSecOps) principles, with a curiosity to learn more in this evolving field. /liliAbility to coach fellow software engineers. /liliExperience in preventing and mitigating application security vulnerabilities, familiar with OWASP Top 10 and CWE Top 25 concepts. /liliPenetration testing and bug bounty experience are advantageous but not mandatory. /li /ulpbPersonal competencies: /b /pulliQuick learner, adaptable to rapid changes, eager to acquire new skills. /liliTeam player interested in collaborating with developers and product owners to improve application security. /liliProactive, results-oriented, pragmatic problem-solver. /liliExcellent communication skills in English and Italian. /li /ulpWork mode: Hybrid. /p #J-18808-Ljbffr