DevSecOps (French Speaker) | BPCE-SI

We are seeking a skilled DevSecOps Engineer to join our Security team at BPCE SI (Solutions Informatiques). In this role, you will play a critical part in enabling our IT teams to develop and release secure applications by implementing comprehensive Application Security testing solutions and promoting best practices across the organization. In this role, you will contribute to shaping a secure digital environment and protecting the interests of our clients and stakeholders.If you are passionate about DevSecOps and application security, and you thrive in a collaborative, innovative environment, we encourage you to apply and become a vital part of our dynamic team!Main

Responsibilities:Application Security Testing Solutions: Study, test, deploy, and maintain Application Security Testing tools and methodologies, including SAST (Static Application Security Testing), SCA (Software Composition Analysis), DAST (Dynamic Application Security Testing), and RASP (Runtime Application Self-Protection).

Security Scanning: Conduct application security scans on various business applications to identify vulnerabilities and ensure adherence to security standards.Collaboration with DevOps: Work closely with DevOps teams and other security professionals to automate application security testing and integrate security controls into the development and release pipelines (CI/CD).

Code Security Reviews: Collaborate with developers to perform thorough security reviews of the bank’s applications, providing actionable recommendations for vulnerability remediation and mitigation.

Guideline Development: Draft, update, and maintain application security guidelines to ensure secure development practices across teams.

Reporting Platform Development: Develop and maintain a platform for aggregating and reporting application security results, enabling better visibility and informed decision-making regarding security posture.