Cybersecurity Engineer (Application Security) French Speaker

As a Cybersecurity Engineer you will join a Cybersecurity Competency Center responsible for strengthening and maintaining the security posture of applications across a large and diverse IT landscape within a banking and financial services environment.

Your primary mission will be to ensure application security by performing vulnerability management and secure development lifecycle (SDLC) activities supporting development teams and contributing to the continuous improvement of security controls and practices.

Key Responsibilities

• Support the deployment and maintenance of code analysis and dependency security solutions
• Participate in the implementation and continuous improvement of Secure Development Lifecycle (SDLC) processes
• Implement and perform application security scans:
  • SAST (Static Application Security Testing)
  • SCA (Software Composition Analysis)
  • DAST (Dynamic Application Security Testing / Web Application Scanning)
• Assess qualify and prioritize vulnerabilities identified through multiple security tools and sources
• Collaborate closely with development teams to identify mitigate and remediate security risks
• Support development teams in the implementation of security controls and secure coding practices
• Track remediation actions and ensure compliance with agreed deadlines
• Participate in the definition measurement and reporting of application security KPIs
• Contribute to the animation of the Application Security (AppSec) community through:
  • Security awareness initiatives
  • Promotion of best practices
  • Secure coding guidance

Qualifications :

• Hands-on experience with application security tools and technologies such as:
  • Fortify
  • Qualys
  • Nexus IQ
  • Kubernetes ecosystems
• Experience in automation of vulnerability management processes including Python scripting
• Strong understanding of application security principles and best practices
• Solid knowledge of the OWASP Top 10 application security risks
• Good understanding of front-end and back-end technologies such as:
  • Java
  • Angular
  • REST APIs
  • Other modern development frameworks
• Minimum 2 years of experience in Cybersecurity Information Security or IT Risk
• Security-related certifications are highly valued including (but not limited to):
  • CISSP CISM CISA CRISC
  • CEH CCSK CCSP
  • ISO 2700x ISO 31000 EBIOS

Languages

• English: Mastery
• French: Mastery

Soft Skills

• Strong analytical and problem-solving abilities
• Ability to collaborate effectively and work as part of a team
• Strong client-focused mindset
• Good communication skills and ability to interact with both technical and non-technical stakeholders
• Proactive and structured approach to work

Remote Work :

No

Employment Type :

Full-time