Application Security Lead

Discover Your Next Challenge at Canon as an Application Security Lead

About Us

Canon is a world-leading imaging company and a global brand, driven to enrich people’s lives and businesses with innovative products and smart digital solutions. As a global leader in imaging and innovation, we’re driven by bold ideas, collaboration, and a commitment to making a positive impact.

With a strong presence across EMEA for over 60 years, our regional HQs in London and Amstelveen support operations in 120+ markets. Canon champions hybrid working with a flexible working policy. You will be part of an energetic and innovative environment with more than 50 different nationalities! Canon encourages continuous learning and development with a wide range of resources and support available on demand.

If you’re visionary, innovative, and ready to make an impact – we’d love to hear from you. Even if you don't meet all the qualifications we still encourage you to apply.

Job Description

This role is responsible for ensuring that projects and applications meet high security standards by performing security reviews and assessments, and providing education and guidance for the implementation of security controls. You will lead application security related discussions, designs, and testing throughout the various stages of the IT lifecycle. Additional responsibilities include implementation of secure SDLC, training, and assisting other members of IT, development companies, and Canon's strategic partners in the field of application security. You will also represent Canon EMEA in professional forums to further progress Canon as a thought leader in Information Security.

Responsibilities

• Act as the security representative within project streams for new and upcoming initiatives, translating security policies into risk controls for new and existing projects.
• Conduct security architecture and design reviews.
• Support project and development teams with relevant security knowledge.
• Assist with the implementation of security design principles.
• Guide development and project teams in the remediation of identified security deficiencies.
• Support the planning and execution of application pentests, and the follow-up of remediation measures.
• Be accountable to business and IT for the planning and execution of application pentests, and the follow-up of remediation measures.
• Recommend and assist in the implementation of security controls in the SDLC of supported applications.
• Manage the technical security auditing process within Canon’s internal IT transformation program as well as Canon’s B2C program and ensure auditing follow up and mitigation actions.
• Manage risks for the area for which they are responsible for and ensure that the overall risk in the portfolio is known and decreasing.
• Be visible in the information security industry, by participating in industry events, driving Canon’s vision to be a thought leader in information security.

Qualifications

• Significant working experience in a technical capacity in a Security or IT department, preferably across multiple security domains.
• Demonstrable experience in performing security assessments and security design reviews.
• In-depth security knowledge for cloud platforms, mainly Azure and AWS.
• Experience in software development and Application Security.
• Knowledge and expertise in secure software development lifecycle (SSDLC) is highly desirable.
• Ability to understand, follow up and progress mitigation activities for security auditing reports, penetration testing reports and/or configuration reviews.
• Good stakeholder management and communication skills.
• Experience working in large international organizations and in handling large enterprise projects is a plus.
• Attention to detail.
• Ability to work independently and as part of a team.
• A continuous learning mindset, to stay up to date with the latest developments in the industry.
• Degrees and certifications are welcome, but are not required.

Specific security & IT skills:

• Secure Architecture and Design principles
• Pentesting tools and techniques
• Threat Modelling
• Secure coding for common languages and platforms
• Security frameworks, such as OWASP, NIST CSF, CIS etc.
• Understanding of EU and international compliance requirements, such as GDPR, PCI-DSS, CRA etc.
• Containers and serverless technologies

Competencies

• Confident
• Problem Solving
• Team player
• Self-starter
• Apply Business Acumen
• Focus on the Customer
• Take Ownership and Accountability
• Canon Core Behaviours​

Further information:

At Canon, we care about the wellbeing of our team and are committed to creating a supportive, inclusive, and flexible work environment. We offer a range of benefits to help you thrive both personally and professionally:

• Performance-Based Bonus of 12.5%
• 31 Days of Annual Holiday: Enjoy a healthy work-life balance with plenty of time to recharge.
• Pension Plan: Secure your future with our comprehensive pension scheme.
• Bicycle Plan: Save on transportation costs while staying active and eco-friendly.
• Hybrid Working: Flexibility to work 3 days in the office and 2 days from home.
• Commuting: Full coverage of public transport costs or partial reimbursement for car expenses (if you commute by car).
• Exclusive Discounts: Up to 40% off on Canon products.
• Free On-Site Parking: Convenient parking spaces available for those who drive to work.
• Subsidized Restaurant: Enjoy healthy, affordable meals at our excellent on-site restaurant.
• Subsidized Starbucks Coffee to keep you energized throughout the day.
• Fresh fruit to support your health and productivity.
• On-Site Gym: Access our fully-equipped gym, free for all employees.
• Canon Social Club: Join sport and cultural activities with colleagues.
• Learning & Development Opportunities: We’re committed to helping you grow, with plenty of support for your personal and professional development.