For one of our clients, an important FINTECH, we are looking for a strong Application Security Expert.

 Application security experts perform various functions including enabling secure software development.

They act as subject matter experts for security solutions within the organization's platform. They must be passionate about security and staying ahead of all possible threats to the system. They will work in a cross-divisional role to ensure our software security requirements are up to date and aligned to Group's standards.

They will become thoroughly familiar with the software architecture, helping to direct its development. Good communication skills are critical to efficiently coordinate with the teams and build secure end products.

They will be a member of a growing community of application security experts, take part in workshops and conducts continuous trainings for emerging security risks in the field of software development.

Working as an Application Security Expert (DevSecOps)

In products developments

• Write an (SDLC software development lifecycle) policy which include SCA, SAST, DAST, pentest.
• Push the SDLC on all the Company product & monitor the applications of rules & respect of security gates.
• Supports in SCA, SAST, DAST Management & controls and prioritizes finding remediation.
• Assists developers in Security Defect Fixing.
• Prioritization and follow-up of penetration testing remediation.
• Contributes for Secure Software Design / Security Architecture together with Solution Architects and Technical Architecture.
• Contributes to Security Requirements Implementation and Enforcement.

In global IT security

• Responsible in the new software acquisition security process (risk analysis & enforcement requirement).
• Monitoring the software product obsolescence, the shadow IT software, whitelist of IT software.
• Help the IT security team in the different topics they have (incident management, crisis management, security awareness, …) in the roadmap 2023.

Requirements

What we expect of you

• “An iron hand/fist in a velvet glove” (ie. gentle but forceful and determined).
• High diplomat skills.
• High team spirit.
• You speak fluently French and English
• Technical skill.

• Knowledge of Fortify or similar for the SAST, SCA, DAST.
• Experience in object-oriented software development.

What makes you stand out

• Experience in C# software development.