DevSecOps - Security

Descrição do trabalho

The AppSec team’s main goal is to allow the IT teams to develop and release secure applications by providing them with Application Security testing solutions and by promoting Application Security best practices.

Context:

International bank of management, insurance and financial services.

Missions:

• As a member of the AppSec team, you are responsible for:
• Studying, testing, deploying, maintaining Application Security Testing solutions (SAST, SCA, DAST, RASP) .
• Performing application security scans of business applications.
• Collaborating with DevOps teams and other Security teams to automate application security testing and controls into the development & release pipelines (CI/CD).
• Collaborating with developers, performing code security reviews for the bank’s applications, and suggesting remediation/mitigation actions.
• Drafting of application security guidelines.
• Developing/maintaining a platform for aggregation and reporting of application security results.
• Mandatory to be fluent in French (English will be a plus).

• Description:
• Security infrastructure maintenance in operational :

- infrastructures supervision

• - take charge and solve problems
• Innovative solutions proposition to improve security, quality, performance and exploitation costs
• Advisory role on business projects for security solution implementation
• Security guidelines and standards redaction

• Technical Skills:
• Good experience with one or more development languages (Java, Angular, .NET, PHP, Python, …) - 5 years of experience.
• Knowledge of software development best practices and source-code vulnerabilities.
• Knowledge of HTTP and API protocols.
• Basic experience in CI/CD tools (GIT, Jenkins, Azure Devops, …).
• Previous experience with static or dynamic security scanning tools is a plus.
• Level of experience required: Between 3 and 6 years