The position is based in Paris region and will be fully remote with one day potentially expected on site.
In the context of building a DevSecOps offer for the digital and development Teams, a security profile is required to contribute to the offer construction, promotion and day-to-day operations.
The role missions are the following:
- Be the product owner of DevSecOps Security tools :
- Maintain, modernize & globalize the SDLC with the team in charge of the "ModernAppGarage"
- Help IT Development Teams to deliver secure custom applications:
- §Identify the necessary security layers (products, processes, configuration) to be part of the DevSecOps offer,
- § Identify the necessary security layers to be part of the overall digital app architecture in IAAS environment
- Deploy and high-level configuration of the tool
- Be able to provide tools utilization guidelines and train Digital teams
- Provide high level support and be in regular contact with security editors and hosters,
- Provide alerting and regular reporting related to usage, compliance and incidents of tools,¬
- Drive the security adoption by developing internal partnerships with Digital teams,
- Promote IS/IT and Security standards across organization and contribute in Group strategy, recommendations, design and implementation in IT environment to meet current and future business needs.
Skills:
DevOps regular tools
- Github, Gitlab, Jenkins, Terraform, Slack, sonarcloud, slack, …
- OWASP /SANS 25 risks mitigation
- SAST (Checlkmarx, VeraCode, ...)
- DAST (Acunetix, Nessus, Qualys, …)
- WAF (F5, Barracuda, Akamai, Imperva, …)
- AWS and Azure environnement
- AntiBot
- Reverse Proxy
- DDOS protection
- IDS/IPS
- Vault
- Certificates
- Agile, ITIL, Project management, NIST / ISO 27000 standards
Required Background:
- Experience (> 4 years) in devops in AWS environment
- Experience (> 2 years) in devsecops and project management or team leading
- Independence and responsibility in action
- Excellent communication skills with the internal people and external suppliers
- Reliability and integrity in action
- Creative thinking and innovation in proposing ideas, willing to lead approved ideas on becoming live
- Fluent French & English