Job Description

This role will provide expertise in application security across all phases of the IT lifecycle, including discussions, design reviews, and testing activities.


The position will also be responsible for implementation of secure SDLC, training, and assisting other members of IT, development companies and Canon's strategic partners in strengthening application security practices. Additionally, the role will represent Canon EMEA in professional forums, promoting Canon's position as a thought leader in Information Security.



We are looking for the following in our future colleague:


Significant working experience in a technical capacity in a Security or IT department, preferably across multiple security domains. Demonstrable experience in performing security assessments and security design reviews. In-depth security knowledge for cloud platforms, mainly Azure and AWS. Experience in software development and Application Security. Knowledge and expertise in secure software development lifecycle (SSDLC) is highly desirable. Ability to understand, follow up and progress mitigation activities for security auditing reports, penetration testing reports and/or configuration reviews. Good stakeholder management and communication skills. Experience working in large international organizations and in handling large enterprise projects is a plus. Attention to detail. Ability to work independently and as part of a team. A continuous learning mindset, to stay up to date with the latest developments in the industry. Degrees and certifications are welcome, but are not required.

Specific security & IT skills:


Secure Architecture and Design principles Pentesting tools and techniques Threat Modelling Secure coding for common languages and platforms Security frameworks, such as OWASP, NIST CSF, CIS etc. Understanding of EU and international compliance requirements, such as GDPR, PCI-DSS, CRA etc. Containers and serverless technologies

Canon Core Behaviours




Drive for results Focus on the Customer Take ownership and accountability Act as a team player Shows courage and conviction People orientated Caring for self and others

Act as the security representative within project streams for new and upcoming initiatives, translating security policies into risk controls for new and existing projects. Conduct security architecture and design reviews. Support project and development teams with relevant security knowledge. Assist with the implementation of security design principles. Guide development and project teams in the remediation of identified security deficiencies. Support the planning and execution of application pentests, and the follow-up of remediation measures. Be accountable to business and IT for the planning and execution of application pentests, and the follow-up of remediation measures. Recommend and assist in the implementation of security controls in the SDLC of supported applications. * Manage the technical security auditing process within Canon's internal IT transformation program as well as Canon's B2C program and ensure auditing follow up and mitigation actions.