DevSecOps Remediation Manager

il y a 1 mois


Greater Lille Metropolitan Area, FR Neotrust Temps plein

About the Job

Neotrust is a security innovation company that helps Executives, CISO, CIO and CTO to successfully complete their security transformation and integrate cyber innovation into their long-term security strategy.

A large customer with international footprint, is looking for a DevSecOps Remediation Manager.



THE ROLE - JOB PURPOSE


The DevSecOps Remediation Manager is responsible for managing and supporting business teams in remediating application vulnerabilities (AppSec) in a context where Cybersecurity is named as a mandatory component of the information system.


As a consequence, the Customer Cybersecurity team composed of 30 people:

  • Maintains the international cybersecurity framework (the rules)
  • Delivers operational cybersecurity services (e.g. vulnerability scanner, EDR, SOC), mainly as a service center
  • Monitors and report global cybersecurity posture
  • Operates the cybersecurity of the international components technically under responsibility.


YOUR PROFILE


As a confirmed DevSecOps consultant (M/F), you will join the Cybersecurity department, a multidisciplinary, caring and human-sized team.


Coming from a Bac+5 level training, you have at least 3 to 5 years of experience in a similar position, and you have a strong interest in DevOps/DevSecOps technologies and culture. Your previous experiences have allowed you to develop the following skills and knowledge:

In-depth knowledge of DevSecOps principles and practices, and how they apply in a customer-facing context:

  • Knowledge of JavaScript, Java, Python, dotnet, Shell and Go languages, and of the following IDEs: VSCode, JetBrains, Android Studio, IntelliJ IDEA
  • Knowledge of "Infrastructures as Code (IaC)" technologies: Terraform
  • Application security (OWASP TOP 10, secrets management, MITRE ATT@CK, etc.)
  • Cloud (GCP, Azure, OCI) and DevOps culture (CI/CD, containerization, etc.)
  • Proficient in DevSecOps tools like Kubernetes, Dockerfile, Ansible, Helm, GitHub, etc., for continuous integration and delivery.
  • Previous experience & expertise with AppSec solution (preferably Checkmarx and Qualys) would be valuable.
  • Mastery of workstation operating systems, development and security tools.
  • Ability to work closely with development, operations and security teams.
  • Ability to analyze complex security issues and find effective solutions.
  • Understanding of different technological environments and platforms.
  • Ability to understand and anticipate customer needs and respond effectively.
  • Constantly stay informed of the latest trends and threats in new technologies and security to offer the best solutions to customers.


Furthermore, you have good organizational and rigorous qualities. You have excellent interpersonal and listening skills which allow you to work in a team and independently. Curious, you are also proactive and fully involved in your projects. Your qualities of analysis, synthesis, your ability to act on problem solving, as well as confirmed technical mastery are your assets to take charge of this position. A good level of English is desired.


Beyond your technical skills, you want to continue to progress, learn and demonstrate curiosity about new developments around cybersecurity and DevSecOps. You know how to rise to the occasion and challenge what exists. You like to share your knowledge and discoveries with your team.


Your good interpersonal skills and sense of communication (both written and oral) allow you to build a relationship of trust with your colleagues and customers.


YOUR MISSION


The Remediation Manager will be in charge of at DevOps / AppSec level to:

  • Contribute to the design of the application architecture (cybersecurity expert)
  • Onboard and animate product teams on security tests
  • Support clients to integrate security from the start into their projects
  • Design and delivery of awareness/training sessions dedicated to cybersecurity topics
  • Train and raise awareness among development teams and end users about security best practices (Cyber by Design)
  • Identify, assess and remediate application vulnerabilities
  • Support for remediating vulnerabilities and helping with capitalization at the company level
  • Contribute to the continuous improvement of the DevSecOps offer and implementation of new DevSecOps activities
  • Support and collaborate with product teams to define good development practices, and Review User Stories, and to carry out the risk analysis of the product
  • Empower product teams to trigger security audits with available tools for the product team and associated procedures (SAST, DAST, SCA, repository scan, etc.), and Impacts evaluation of remediation action on the product
  • Track progress status on previous security action plan and priorities
  • Deployment, functional configuration, fine tuning of tools, automation, centralization of results
  • Definition of cybersecurity indicators (prerequisite: fine tuning)
  • Significantly lead to improvement of those indicators to demonstrate the value of the approach from a security perspective


YOUR SKILLS


You are recognized for your leadership, your sense of customer service, and your ability to unite and lead teams. You have excellent interpersonal skills and enjoy working in a complex organization with strong interdependence.

You are curious, and constantly on the lookout for the latest developments in the world of databases. You are used to working in an international context and you speak English fluently

As you probably understood in the previous “missions” paragraph, here are the main skills that are expected from the candidate:


CYBERSECURITY SKILLS

Automation

  • Formally describe infrastructure automation, and Able to generate KPI

Collaboration

  • Able to formally describe tasks and definition of done, and able to estimate time and complexity of efforts Architecture and security
  • Understand application architecture, and know in depth security controls
  • Understand complementarity of each security test

Security technology (secret management, secret scanning, SAST, DAST, SCA, IAC Security)

  • Able to give feedback on technology to cover needs
  • Share technological knowledge to promote self service approach
  • Optional: have been part of security deployment project


SOFT SKILLS

Leadership: Trust, Support collaboration and Communication

Human skills: Open minded, Motivated, and Autonomous

Transformation: Adapt and learn, and Embody innovation


Languages

  • French speaking & writing
  • English speaking & writing


Work experience:

  • You have at least 3 to 5 years of experience in operational information security management with efficiency and ability to make things change.


Minimum education level:

  • You own a master degree in IT, or have significant experience in a similar job position ?

You are a funny man/woman and want to work with a team of security professionals in a large French company with international journey ?


Contact

job@neotrust.io


  • DevSecOps Manager

    Il y a 2 mois


    Greater Lille Metropolitan Area, FR Source Technology Temps plein

    DevSecOps Manager 12 month contract Hybrid Rates DOE The DevSecOps Manager is responsible for managing and supporting business teams in remediating application vulnerabilities (AppSec) in a context where Cybersecurity is named as a mandatory component of the information system.Role Contribute to the design of the application architecture Onboard and animate...

  • DevSecOps Engineer

    il y a 4 semaines


    Greater Paris Metropolitan Region, FR BforBank Temps plein

    Votre monde change, le nôtre aussi !Sur le modèle d'une "Tech company", BforBank place l'innovation et le digital au cœur de sa transformation. Notre mission, offrir à nos clients une expérience bancaire incomparable pour répondre leurs besoins et usages mobile. Rejoindre BforBank c’est rejoindre une équipe engagée dans un grand projet de...

  • Service Delivery Manager

    Il y a 2 mois


    Greater Paris Metropolitan Region, FR SQUAD Conseil et Expertises Temps plein

    Dans le cadre de sa croissance, SQUAD recherche un(e) Service Delivery Manager (SDM) pour intégrer sa Direction du Delivery forte de plus de 200 collaborateurs, et dont l’ambition sera d’atteindre 500 collaborateurs d’ici 2025.Intégrer les Managed Security Services (MSS) Squad, c’est rejoindre une équipe de plus de 200 collaborateurs qui opèrent...


  • Greater Marseille Metropolitan Area, FR Klanik Temps plein

    La Direction Technique de Klanik recherche son Lead Architecte Solution Cloud pour rejoindre sa Practice Devops & Cloud.Rejoindre les Practices de la direction opérationnelle de Klanik c’est intervenir au cœur des projets de transformations stratégiques de nos clients en parallèle de votre rôle de Practice Consultant.Les practices sont représentées...

  • Service Delivery Manager

    il y a 3 semaines


    Greater Lyon Area, FR BeeBryte - New Ways for Energy Efficiency Temps plein

    Vous souhaitez rejoindre une jeune entreprise française (et singapourienne) à taille humaine et en forte croissance, tournée vers l’innovation et l’international ? Vous êtes soucieux(se) des défis énergétiques et environnementaux de notre époque, et vous voulez contribuer concrètement à la sobriété énergétique et à la réduction des...


  • Greater Lyon Area, FR Davidson consulting Temps plein

    Créée en 2005, Davidson est une société de conseil en management et expertise technologique.Rejoindre Davidson, ce n’est pas seulement intégrer un groupe de 3000 consultants dans 6 pays et 2 continents, c’est intégrer LA société qui a été élue par ses salariés Great Place To Work France et Europe pendant 4 ans mais aussi une des plus grandes...


  • Greater Lyon Area, FR EXAKIS NELITE Temps plein

    Exakis Nelite, entité du groupe Magellan Partners, est le 1er partenaire pure-player Microsoft indépendant en France avec l’ambition de devenir le premier partenaire Européen et en Afrique Francophone avec sa forte présence au Maroc.Nés du rapprochement de 2 leaders spécialistes de l’intégration des solutions Microsoft, nous allions expertise...


  • Greater Paris Metropolitan Region, FR DGSE - Direction Générale de la Sécurité Extérieure Temps plein

    La Direction Générale de la Sécurité Extérieure, DGSE, recrute un ingénieur Conception de l’infrastructure SOC (H/F). Le poste est situé à Paris. La nationalité française est obligatoire.Domaine métier CyberVotre environnement de travailAu cœur de l’équivalent d’une DSI œuvrant pour la DGSE et la communauté du renseignement, vous...

  • Senior Java Developer

    il y a 4 semaines


    Greater Paris Metropolitan Region, FR Innova Solutions Temps plein

    Job Title: Senior Java Developer‍Job Type: CDI with clientKeywords: Java, Spring, React, MongoDB, TDD/BDD, CI/CDWhat you'll do:Contribuer aux nouvelles fonctionnalités, de la conception à la production, en travaillant dans toute l'entreprise avec les chefs de produit, les concepteurs UX et d'autres équipes dans un environnement agile.Livrer...

  • HR Data Expert

    Il y a 2 mois


    Greater Paris Metropolitan Region, FR AXA Group Operations Temps plein

    The divisionYou will join the Group Operations Transformation division, aiming to accelerate the success of AXA Group Operations (GO) by providing simple and user-oriented services across Transformation and Change management, Human Resources and Communication.Our missions:· Anticipating future workforce needs and skillset· Attracting, retaining and...

  • Product Owner Workplace

    il y a 4 semaines


    Greater Paris Metropolitan Region, FR AXA Group Operations Temps plein

    Windows Basic is a legacy Windows 10 product part of the AXA Group Operations Workplace – Modern Device Product line department.It is a worldwide deployed product representing ~90K devices, present across geographies, which technical configuration is mainly managed by 3 Integration Teams (engineering teams).As part of the Workplace-Modern Device Product...


  • Greater Paris Metropolitan Region, FR EXAKIS NELITE Temps plein

    Exakis Nelite, entité du groupe Magellan Partners, est le premier partenaire pure-player Microsoft indépendant en France avec l’ambition de devenir le premier partenaire Européen et en Afrique Francophone avec sa forte présence au Maroc.Nés du rapprochement de 2 leaders spécialistes de l’intégration des solutions Microsoft, nous allions expertise...

  • Analyste cybersécurité

    il y a 4 semaines


    Greater Paris Metropolitan Region, FR Alten Temps plein

    Leader mondial de l’Ingénierie et du Conseil en Technologies, ALTEN réalise des projets de conception et d’études pour les grands comptes industriels, télécoms et tertiaires (les Directions Techniques et les Directions des Systèmes d’Information).Désormais présent à travers 30 pays, le Groupe ALTEN a réalisé un chiffre d’affaires de 4,07...

  • Ingénieur SOC

    Il y a 2 mois


    Greater Paris Metropolitan Region, FR Néosoft Temps plein

    Groupe indépendant de conseil en transformation digitale de près de 1800 collaborateurs, Néosoft s’est construit, depuis 2005, sur un modèle qui place l’excellence, le dépassement de soi et la RSE au cœur de sa stratégie.En nous rejoignant, vous intégrez des communautés d’experts et de talents qui vous permettent de développer vos...

  • Product Owner

    Il y a 2 mois


    Greater Paris Metropolitan Region, FR Axa group operations Temps plein

    As a world-leading insurance company, we act for human progress by protecting what matters. With 153,000 employees in 54 countries working for 105 million customers, we’ve created a truly dynamic and vibrant community. Inclusion and diversity link closely with our values, and together we’re nurturing a culture of respect, for each other, for our...


  • Greater Paris Metropolitan Region, FR Axa group operations Temps plein

    About AXAAs a world-leading insurance company, we act for human progress by protecting what matters. With 153,000 employees in 54 countries working for 105 million customers, we’ve created a truly dynamic and vibrant community. Inclusion and diversity link closely with our values, and together we’re nurturing a culture of respect, for each other, for our...

  • Offensive Security Lead

    il y a 4 semaines


    Greater Paris Metropolitan Region, FR Rexel Temps plein

    Rexel. Electrifying solutions that make a sustainable future possible.Rexel, worldwide expert in the professional multichannel distribution of electrical products and services for the energy world, addresses three main markets - residential, commercial, and industrial. Passionate, dedicated and highly knowledgeable, our people are instrumental in bringing...

  • Data Asset Owner

    Il y a 2 mois


    Greater Paris Metropolitan Region, FR Tata Consultancy Services Temps plein

    Tata Consultancy Services (TCS) is an IT services, consulting and business solutions organization that has been partnering with many of the world’s largest businesses in their transformation journeys for over 55 years. As part of the Tata group, India's largest multinational business group - TCS has over 614,000 of the world’s best-trained...

  • Senior Compliance Officer

    il y a 4 semaines


    Greater Paris Metropolitan Region, FR Worldline Temps plein

    This is WorldlineWorldline helps businesses of all shapes and sizes to accelerate their growth journey - quickly, simply, and securely. We are the innovators at the heart of the payments technology industry, shaping how the world pays and gets paid. Our technology powers the growth of millions of businesses across 5 continents. And just as we help our...

  • DevSecOps Remediation Manager

    il y a 3 semaines


    Lille, France Neotrust Temps plein

    About the JobNeotrust is a security innovation company that helps Executives, CISO, CIO and CTO to successfully complete their security transformation and integrate cyber innovation into their long-term security strategy.A large customer with international footprint, is looking for a DevSecOps Remediation Manager.THE ROLE - JOB PURPOSEThe DevSecOps...


  • Lille, France Neotrust Temps plein

    About the JobNeotrust is a security innovation company that helps Executives, CISO, CIO and CTO to successfully complete their security transformation and integrate cyber innovation into their long-term security strategy.A large customer with international footprint, is looking for a DevSecOps Remediation Manager.THE ROLE - JOB PURPOSEThe DevSecOps...

  • DevSecOps Manager

    Il y a 2 mois


    Lille, France Source Technology Temps plein

    DevSecOps Manager 12 month contract Hybrid Rates DOE The DevSecOps Manager is responsible for managing and supporting business teams in remediating application vulnerabilities (AppSec) in a context where Cybersecurity is named as a mandatory component of the information system. Role Contribute to the design of the application architecture Onboard...

  • DevSecOps Manager

    il y a 3 semaines


    Lille, France Source Technology Temps plein

    DevSecOps Manager 12 month contract Hybrid Rates DOE The DevSecOps Manager is responsible for managing and supporting business teams in remediating application vulnerabilities (AppSec) in a context where Cybersecurity is named as a mandatory component of the information system. Role Contribute to the design of the application architecture Onboard...

  • DevSecOps Manager

    il y a 3 semaines


    Lille, France Source Technology Temps plein

    DevSecOps Manager 12 month contract Hybrid Rates DOE The DevSecOps Manager is responsible for managing and supporting business teams in remediating application vulnerabilities (AppSec) in a context where Cybersecurity is named as a mandatory component of the information system.Role Contribute to the design of the application architecture Onboard and animate...

  • DevSecOps Manager

    Il y a 2 mois


    Lille, France Source Technology Temps plein

    DevSecOps Manager 12 month contract Hybrid Rates DOE The DevSecOps Manager is responsible for managing and supporting business teams in remediating application vulnerabilities (AppSec) in a context where Cybersecurity is named as a mandatory component of the information system.Role Contribute to the design of the application architecture Onboard and animate...

  • DevSecOps

    il y a 2 semaines


    Strasbourg Metropolitan Area, France Easytransac Temps plein

    Easytransac est une référence dans le paiement dématérialisé avec une expérience construite auprès de plus de 50 000 utilisateurs.Easytransac facilite leurs méthodes d’encaissement par le biais d’innovations technologiques telles que l’encaissement NFC directement sur smartphone via le simple téléchargement de l’application...

  • manager tests f/h

    il y a 5 jours


    Lille, Hauts-de-France Neotrust Temps plein

    About the Job Neotrust is a security innovation company that helps Executives, CISO, CIO and CTO to successfully complete their security transformation and integrate cyber innovation into their long-term security strategy. A large customer with international footprint, is looking for a DevSecOps Remediation Manager . The DevSecOps Remediation Manager is...


  • Lille, France Exotec Temps plein

    Chez Exotec, nous mettons l’excellence technologique au service de la redéfinition des relations entre humains et robots. A travers le monde, nos solutions révolutionnent la façon dont nos clients délivrent leurs produits aux consommateurs finaux. Nous contribuons au succès des plus grandes marques du commerce et de l’industrie, tout en améliorant...

  • Ingénieur(e) R&D DevSecOps

    il y a 3 semaines


    Lille, France Exotec Temps plein

    Chez Exotec, nous mettons l’excellence technologique au service de la redéfinition des relations entre humains et robots. A travers le monde, nos solutions révolutionnent la façon dont nos clients délivrent leurs produits aux consommateurs finaux. Nous contribuons au succès des plus grandes marques du commerce et de l’industrie, tout en améliorant...


  • Toulouse Area, France Airbus Temps plein

    Description de l'emploi :Want to spread your wings? What if your adventure begins with us?Airbus Cybersecurity School is a unique initiative.Airbus offers you a work-study contract covering both your training at the Airbus.Cybersecurity School (in partnership with Ynov Campus, Toulouse) and yourapprenticeship at Airbus.This opportunity is open only to...

  • Expert Cloud Azure

    il y a 1 mois


    Greater Nantes Metropolitan Area, France SQUAD Conseil et Expertises Temps plein

    Fondé en 2011, Squad est un cabinet de conseil et d’expertise, TOP7 français des spécialistes de la cybersécurité, certifié PASSI RGS et LPM.SQUAD est une société de conviction technique qui a très tôt identifié une convergence entre la cybersécurité et les métiers de l'infrastructure, du Cloud et du développement. Forts de notre...

  • Expert cybersécurité

    il y a 3 semaines


    Lille, Hauts-de-France Coriom Conseil Temps plein

    identify, assess and remediate application vulnerabilitiesContribute to the continuous improvement of the DevSecOps offer and implementation of new DevSecOps activitiesDeployment, functional configuration, fine tuning of tools, automation, centralization of resultsCompétences techniques"javascript, java, python, dotnet, shell, go" - Confirmé -...

  • Expert cybersécurité

    Il y a 2 mois


    Lille, Hauts-de-France Coriom Conseil Temps plein

    identify, assess and remediate application vulnerabilitiesContribute to the continuous improvement of the DevSecOps offer and implementation of new DevSecOps activitiesDeployment, functional configuration, fine tuning of tools, automation, centralization of resultsCompétences techniques"javascript, java, python, dotnet, shell, go" - Confirmé -...


  • Greater Lyon Area, France Davidson consulting Temps plein

    Créée en 2005, Davidson est une société de conseil en management et expertise technologique.Rejoindre Davidson, ce n'est pas seulement intégrer un groupe de 3000 consultants dans 6 pays et 2 continents, c'est intégrer LA société qui a été élue par ses salariés Great Place To Work France et Europe pendant 4 ans mais aussi une des plus grandes B...

  • Incident manager informatique

    il y a 3 semaines


    Lille, France Insitoo Freelances Temps plein

    Basée à Lille, Lyon, Nantes, Grenoble et Bruxelles, Insitoo Freelances est une société du groupe Insitoo, spécialisée dans le placement et le sourcing des Freelances IT et Métier. Depuis 2007, Insitoo Freelances a su s?imposer comme une référence en matière de freelancing par son expertise dans l?IT et ses valeurs de transparence et de proximité....

  • DevSecOps H/F

    il y a 3 semaines


    Lille, France Externatic Temps plein

    Présentation de la sociétéUnderguard, c’est la branche recrutement dédiée cybersécurité du groupe Externatic, cabinet de recrutement apportant son expertise depuis plus de 10 ans auprès d’entreprises pour la captation des profils pénuriques de l’IT et la Cyber.Rejoignez notre communauté sur LinkedIn !MissionJe suis Thomas, Consultant sénior...

  • DevSecOps H/F

    il y a 1 mois


    Lille, France Externatic Temps plein

    Présentation de la sociétéUnderguard, c’est la branche recrutement dédiée cybersécurité du groupe Externatic, cabinet de recrutement apportant son expertise depuis plus de 10 ans auprès d’entreprises pour la captation des profils pénuriques de l’IT et la Cyber.Rejoignez notre communauté sur LinkedIn !MissionJe suis Thomas, Consultant sénior...

  • Security Architect

    il y a 1 mois


    Strasbourg Metropolitan Area, France Brayton Global Temps plein

    Our client is a European Union Agency responsible for the operational management of large-scale IT systems that support the implementation of the EU’s policies in the areas of freedom, security, and justice. The agency plays a key role in enhancing the security of the EU by ensuring the efficient and secure operation of critical IT systems, contributing to...


  • Toulouse Area, France Airbus Temps plein

    Description de l'emploi :We are developing the next generation of defense systems that will be in production during the next decades.Do you want to take part of the definition of the cybersecurity architecture standards that will be used in the following years?For Airbus Defence and Space (Airbus DS) within the Vulnerability Management Team we are looking...