Principal Security Engineer - Application Security
Cyber Security - Amsterdam, The Netherlands
Principal Security Engineer - Application Security
Cyber Security - Amsterdam, The Netherlands
Apply to this Job
Apply with LinkedIn
apply now

At TomTom…You’ll move the world forward. Every day, we create the most innovative mapping and location technologies to shape tomorrow’s mobility for the better.

We are proud to be one team of more than 5,000 unique, curious, passionate problem-solvers spread across the world. We bring out the best in each other. And together, we help the automotive industry, businesses, developers, drivers, citizens and cities move towards a safe, autonomous world that is free of congestion and emissions.

What You'll Do

  • Lead TomTom's software security initiative
  • Develop application security guardrails 
  • Define and establish product security engineering standards and guidelines 
  • Provide technical leadership to the team through coaching and mentoring
  • Deliver security engineering services (e.g., application threat modeling, secure code reviews, remediation advice) to engineering teams 
  • Contribute to the development of the team's service catalog 
  • Take part in product security incident response activities
  • Support the implementation of vendor compliance requirements from TomTom customers 
What you’ll need
  • 8+ years of experience in application security

  • 4+ years of professional software development experience

  • Fluency in one or more of the following languages: Java, C++, Python, JavaScript, Scala

  • Experience with modern technology stacks and development practices

  • Familiarity with standard security protocols (e.g., OAuth2, OIDC, SAML, TLS)

  • Demonstrable experience in conducting threat assessment and risk analysis engagements, security and privacy requirements elicitation, and security code reviews

  • Thorough understanding of vulnerability classes and related remediation and mitigation strategies

  • Functional knowledge of applied cryptography

  • Experience with application and cloud security testing automation

  • Solid knowledge of existing industry standards and best practices and their uses (e.g., OWASP)

  • Familiarity with software assurance maturity models and their use (e.g., OWASP SAMM)

  • Demonstrable stakeholder management experience

  • Experience working in a DevOps environment

  • Familiarity with the Modern Software Factory concept and its principles

  • Strong engineering mindset

  • Demonstrable technical leadership skills

  • Excellent verbal and written communication skills with strong attention to detail

  • Thirst for knowledge and a drive to stay current with evolving threat landscapes

What’s nice to have
  • Familiarity with cloud-native architectures and design principles

  • Experience with cloud security automation

  • Security testing automation experience (e.g., BDD Security)

  • Automotive security knowledge

  • Product management experience

  • Program or project management experience

  • Application penetration testing experience

  • Technical certifications (e.g., CSSLP, SEI, GIAC)

  • Relevant published work or public speaking engagements at industry conferences

Meet your team We’re Information Security. We protect TomTom’s infrastructure, applications, employees and customers. We work alongside Enterprise IT, Commercial IT, Legal, Finance and HR to minimize risk and increase resilience across the business. We take an intelligence-driven approach, relying on innovative commercial and open-source solutions to proactively identify vulnerabilities and contain threats. On our team, you’ll help secure a safe, connected, autonomous world that is free of congestion and emissions.

Achieve more We are self-starters who play well with others. Every day, we solve new problems with creativity, meet new people and learn rapidly at our offices around the world. We will invest in your growth and are committed to supporting you. In everything we do, we’re guided by six values We care, putting our heart into what we do; we build trust (you can count on us); we create – driven to make a difference; we are confident, but don’t boast; we keep it simple, since life is complex enough; and we have fun because life’s too short to be boring.

After you applyOur recruitment team will work hard to give you a meaningful experience throughout the process, no matter the outcome. Your application will be screened closely and you can rest assured that all follow-up actions will be thorough, from assessments and interviews through your onboarding.

TomTom is an equal opportunity employerWe celebrate diversity, thrive on each other’s differences and are committed to creating an inclusive environment at our offices around the world. Naturally, we do not discriminate against any employee or job applicant because of race, religion, color, sexual orientation, gender, gender identity or expression, marital status, disability, national origin, genetics, or age.

Ready to move the world forward?

Apply to this Job
Apply with LinkedIn
apply now
Application form
Upload your resume
Upload either DOC, DOCX, HTML, PDF, or TXT file types (5MB max)
Drag and drop a file here
How did you hear about us?
Terms and conditions
TomTom is all about getting you to where you want to be. To help you achieve more in your career, we'll need to ask some things about you. At the same time, we fully understand that you value your privacy.
Read more

Your application for the Principal Security Engineer - Application Security position was submitted successfully.

What is next?

Thanks for applying, we’ve received your application and are carefully reading through it. If you are a successful candidate we’ll contact you.

More challenge, more growth
Join our hackathons, developer days, leadership programs and more.
Unlock your creativity
We have an agile work culture, entrepreneurial spirit and involved founders.
Together keeping the world moving
4,500+ people in

41 offices

29 countries.
Similar jobs