5 years minimum experience in application security
Expertise in secure sdlc and threat modeling
Proficiency with sast, dast, and sca tools
The role involves securing application projects by integrating security requirements from the initial development phases through production in a DevSecOps environment
Job Summary
The role involves securing application projects by integrating security requirements from the initial development phases through production in a DevSecOps environment.
You will be responsible for defining automated security controls within CI/CD pipelines and managing vulnerability remediation processes across hybrid cloud and on-premises infrastructures.
The position offers the opportunity to lead security awareness initiatives, conduct threat modeling, and ensure compliance with major regulations like DORA, NIS2, and GDPR.
Matching Summary
The role involves securing application projects by integrating security requirements from the initial development phases through production in a DevSecOps environment.
Skills & Requirements
Must-have
5 years minimum experience in application security
Expertise in Secure SDLC and threat modeling
Proficiency with SAST, DAST, and SCA tools
Experience with CI/CD pipelines (GitLab, Jenkins)
Knowledge of OWASP ASVS and ISO 27034 standards
Understanding of cloud and on-premises hybrid environments
Nice-to-have
Strong communication and training facilitation skills
Experience with DORA and NIS2 regulatory compliance
Ability to drive a strong security culture
Familiarity with SBOM and GitOps practices
Fluency in French and English languages
Key Requirements
Bachelor's degree or Bac +5 in Cybersecurity or Computer Science
Minimum 5 years of experience in Application Security or DevSecOps