CHAMP Cargosystems

About the Company

CHAMP Cargosystems is one of the leading global IT providers dedicated to the needs of the air cargo industry, providing integrated services for cargo carriers and their distribution partners worldwide.

Our applications portfolio spans core cargo systems, enterprise systems and community and distribution services, compliance services as well freight forwarding solutions.

Our solutions help our partners drive out cost, maximize yield and achieve industry compliance as cost effectively as possible.

Cargospot is CHAMP’s core cargo systems suite. It is sophisticated and comprehensive and provides end to end control over capacity, sales, operations and accounting processes.

Our Enterprise Services suite spans front and back office ERP integration, sophisticated business intelligence tools and process audit and change consulting. Combined, these provide a seamless view across all aspects of business performance.

CHAMP provides services to over 100 airlines and 200 customers worldwide, including GSAs and Forwarders. Members of the CHAMP community can exchange information securely using industry standards processes and formats, with over 60 million messages processed annually.

CHAMP is an IATA Strategic Partner, Cargo iQ Associate, Business Objects Gold Partner, AACO and AFRAA partner.

Headquartered in Luxembourg, with offices in London, Frankfurt, Zürich, Atlanta and Manila, CHAMP is a SITA company.

Listed Jobs

Company Name

CHAMP Cargosystems

Job Title

Offensive Security Engineer

Job Description

Job Title: Offensive Security Engineer Role Summary: Lead the establishment of product security practices within a SaaS environment, driving penetration testing, secure coding standards, and automated security testing integrated into agile CI/CD pipelines. Expectations: Deliver measurable improvement in security posture by implementing comprehensive tooling, aligning with compliance frameworks, and fostering a security‑first culture across development teams. Key Responsibilities: - Develop and enforce secure coding standards, reusable libraries, and best practices for Java web applications. - Integrate threat modeling, secure design reviews, and security tasks into agile backlogs and sprint planning. - Build and maintain internal penetration testing capabilities for web applications, APIs, and infrastructure. - Ensure automated and manual security testing (SAST, DAST) for every release within CI/CD pipelines. - Drive adoption of unit test frameworks incorporating security checks. - Align product security with ISO27001, SOC2, NIS2, EU AI Act, and other relevant frameworks; collaborate with Compliance and IT Security teams for audit readiness. - Lead reporting on product security posture, vulnerabilities, and remediation progress to stakeholders. - Mentor and coach developers, testers, and other team members; facilitate agile ceremonies focused on security objectives. Required Skills: - In‑depth knowledge of secure development practices, threat modeling, and vulnerability management. - Hands‑on experience with SAST/DAST tools and CI/CD integration. - Proficiency in Java web application development and modern web technologies. - Strong communication skills for stakeholder engagement. - Proven leadership in agile/SCRUM environments. Required Education & Certifications: - Bachelor’s or Master’s degree in Software Engineering, Cybersecurity, or related field. - 8+ years of experience in software development and application security, primarily with Java web applications. - Certifications: OSCP, CISSP, CISM, or equivalent. - Experience in SaaS and cloud‑native security; familiarity with ISO27001, SOC2, NIS2, EU AI Act.

Reading, United kingdom

Hybrid

Senior

10-12-2025