Job description:
We are looking for an Application Security expert to ensure a high level of security of the applications:
• To mainly ensure that developers' DevSecOps activities related to SAST and SCA are done according to the security policies.
• To identify global gaps and propose a remediation strategy.
• To contribute to security framework improvements.

Main Tasks:
• To check how developers work with Fortify and Nexus IQ: alignment with the development lifecycle, coverage of the scans.
• To check if findings are properly treated: vulnerabilities well remediated, no wrong false positive classification.
• To challenge the developers, support the remediation and acculturate them with Fortify, Nexus IQ and secure coding best practices.
• To develop tooling to automate as much as possible the DevSecOps effectiveness controls.

Technical Skills:
• All kinds of applications: business web application, mobile app, on prem / public cloud hosting...
• Jenkins, Bitbucket, Artifactory, Fortify, NexusIQ, API REST
• For all kinds of applications and languages (JAVA, JS, PHP, C#...)
• Application security
• SAST
• SCA
• Python scripting

Language Skills:
• English
• French language is not mandatory but well appreciated

Soft Skills:
• Organizational skills
• Ability to collaborate / teamwork across multiple geographical locations
• Decision making
• Analytical ability / Critical thinking / Attention to detail & Rigour
• Autonomy