Senior DevSecOps Engineer

il y a 6 jours

Paris, France Neotrust Temps plein

Job Description — Senior DevSecOps Engineer (Offensive Security Focus) Location : Hybrid (Paris) or Remote (France / Europe) Department : Cybersecurity / DevSecOps Seniority : Senior / Expert Duration : 1 year (renewable) Contract : Full-time ( Freelance ) About the role We’re looking for a Senior DevSecOps Engineer with a strong Offensive Security mindset to elevate our application security across the full SDLC. You’ll combine hands‑on penetration testing skills with modern DevSecOps practices to find real‑world risks, automate security controls, and help engineering teams ship secure software faster. You’ll work closely with developers, cloud / platform teams, and architects to integrate security into CI / CD, strengthen cloud‑native workloads, and build a strong secure engineering culture. What you’ll do Offensive Security / Application Security Perform targeted penetration tests on web, API, mobile, and cloud‑native applications. Conduct threat modeling and adversarial analysis on critical services. Identify, exploit, and validate vulnerabilities to assess real impact and exploitability. Perform secure code reviews (manual and tooling / AI‑assisted). DevSecOps Integration Improve SAST, SCA, DAST, IaC, and container scanning in Azure DevOps pipelines (Snyk experience is a major plus). Automate security gates and enforce quality thresholds in CI / CD. Build custom security checks, scripts, and DevSecOps automations. Improve developer workflows by providing secure coding guidance and actionable fixes. Secure SDLC & Continuous Hardening Run security reviews for new applications and major releases. Support Security Champions and coach development teams. Participate in incident response and post‑mortems for security issues. Collaborate with Cloud Security on posture management and remediation. Security Automation & AI Develop or tune AI agents to support vulnerability analysis and remediation. Automate correlation of findings across tools (SAST / SCA / Cloud). Contribute to internal security dashboards and metrics (Power BI, API integrations). What we’re looking for Required experience Strong track record in application penetration testing (OWASP Top 10, API attacks, auth bypass, RCE, business logic flaws). Strong understanding of secure coding (C#, Java, JS / TS, Python, etc.). Familiarity with DAST tools plus manual exploitation techniques. Deep knowledge of authN / authZ (OAuth2, OIDC, JWT). Strong grasp of DevSecOps architecture and SDLC best practices. Hands‑on experience with : Azure DevOps pipelines Azure Cloud (App Services, Functions, IAM, Storage, Key Vault) Container security (Docker, Kubernetes basics) Snyk (SAST / SCA / IaC / Cloud) (highly valued) Tooling & frameworks Burp Suite, ZAP, Nmap, Postman, Metasploit, custom scripts. Threat modeling methods (MITRE ATT&CK, STRIDE). Source code review with or without tooling. Soft skills Ability to challenge designs and architectures from an attacker’s POV. Clear communication with technical and non‑technical stakeholders. Strong ownership, mentoring mindset, and leadership on security topics. Analytical thinking, problem‑solving, pragmatism. Nice to have Certifications (preferred, not required) : OSWE / OSCP / OSEP / GWAPT , AZ-500 / AZ-400 or similar. Experience in large enterprise environments. Experience with AI‑assisted AppSec tooling and workflows. Why join us High‑impact role with real ownership over AppSec and DevSecOps practices. Modern cloud‑native stack (Azure) and a strong focus on automation. Opportunity to blend offensive security with engineering enablement and AI‑powered security. #J-18808-Ljbffr

  • Senior DevSecOps Engineer – Offensive Security

    il y a 6 jours

    Paris, France Neotrust Temps plein

    A cybersecurity firm is seeking a Senior DevSecOps Engineer with offensive security expertise to enhance application security practices. The role requires hands-on penetration testing and integration of security within CI/CD pipelines. Candidates should have a strong background in secure coding, DevSecOps architecture, and familiarity with tools like Azure...

  • DevSecOps Engineer Senior

    il y a 1 semaine

    Paris, Île-de-France Collective Temps plein

    Budget: TJ : 600€ContexteLa mission se déroule dans le cadre de la refonte de l'hébergement global du SI d'un groupement de laboratoires, aujourd'hui on-premise, hétérogène et multi-sites, issu de multiples rachats. SI critique, données de santé sensibles, exigences fortes de sécurité, disponibilité et résilience, transition vers un modèle...

  • Devsecops Engineer

    il y a 7 jours

    Paris 8e, France American IT Systems Temps plein

    **Title - DevSecOps Engineer** **Location - 19 boulevard Malesherbes 75008 Paris, France (Fully Onsite from day 1)** **Type - Contract** **Department: DevSecOps Platform** **Reports to: Product Owner - DevSecOps Platform** **Note - Must have “Monitoring & Platform Reliability” experience with strong devops engineer with security...

  • Devsecops

    il y a 2 semaines

    Paris, France Onlieffe Temps plein

    Florin Recrutement est un cabinet de recrutement spécialisé dans les métiers de l'IT et du marketing. Nous recherchons un DevSecOps Senior pour un client cabinet de Conseil. Il s'agit d'un jeune cabinet de Conseil en transformation digitale. Nous cherchons un consultant avec au minimum 5 années d’expérience professionnelle et au moins une...

  • Devsecops

    il y a 2 semaines

    Paris, France TRSB Temps plein

    **Activité du client**: Gestion de copropriétés et la gestion locative **Contexte du projet**: Pleinement intégré dans le dispositif cyber sécurité du groupe (politique, gouvernance, monitoring, sécurité opérationnelle), vous vous concentrerez essentiellement sur l?activité de sécurisation de l?ERP. Vous travaillerez main dans la main avec les...

  • Senior Cloud Security Engineer — DevSecOps Leader

    il y a 2 semaines

    Paris, France Leboncoin.fr Temps plein

    Une plateforme de vente en ligne recherche un(e) Ingénieur·e DevSecOps à Paris. Vous serez responsable de la sécurité des infrastructures cloud et DevSecOps. Ce poste exige une expérience de 5 ans en sécurité cloud et une solide connaissance d'AWS. En outre, vous devrez intégrer des mesures de sécurité dans les pipelines CI/CD et collaborer avec...

  • Platform Engineer Senior

    il y a 1 semaine

    Paris, France Aston Robinson International Temps plein

    OverviewEs-tu prêt(e) à relever un défi DevSecOps qui allie l'I.A et impact dans le secteur de la santé (la lutte contre le cancer) ?Nous proposons de renforcer l'équipe d'une Start-Up MedTech de dimension internationale en tant que SRE Senior, spécialiste du Build et Run d'une infrastructure Cloud et Kubernetes.Travailler en binôme avec le premier...

  • Senior Solutions Engineer

    il y a 13 heures

    Paris, France JFrog Temps plein

    **Residency in Paris / Toulouse is required. **#LI-REMOTE At JFrog, we're reinventing DevOps to help the world's greatest companies innovate - and we want you along for the ride. This is a special place with a unique combination of brilliance, spirit and just all-around great people. Here, if you're willing to do more, your career can take off. And since...

  • Devsecops (H/F)

    il y a 7 jours

    Paris, France Licorne Society Temps plein

    Licorne Society a été missionné par une startup en pleine croissance pour les aider à trouver leur DevSecOps. **About the role**: Due to continued growth, we are searching for a **DevSecOps Engineer**to ensure the reliability, scalability, and security of our production and development environments. In this role, you will be hands-on in managing **AWS-...

  • Consultant DevSecOps Confirmé ou Senior

    il y a 1 semaine

    Paris, France Talan Group Temps plein

    Consultant DevSecOps Confirmé ou Senior (H/F)Talan est un groupe international de conseil et d’expertises technologiques qui accélère la transformation de ses clients par les leviers de l'innovation, la technologie et la data.Depuis plus de 20 ans, Talan conseille et accompagne les entreprises et les institutions publiques dans la mise en œuvre de...