Вакансии в ИБ | infosec
@infosec_work
DevSecOps Engineer (F/N/M).
Location: #Paris, France.
Salary: Competitive.
Employer: Adevinta.
Responsibilities:
• Define and enforce security architecture standards for cloud (AWS);
• Review infrastructure-as-code (IaC) for misconfigurations and vulnerabilities and enforce standard secure best practices;
• Work with infra teams to implement hardening guidelines and secure network designs;
• Integrate security tools and controls into leboncoin Infrastructure, CI/CD pipelines (SAST, SCA, secrets detection, container security) and IT Infrastructure and services;
• Automate security testing and compliance checks in development workflows;
• Partner with developers to design secure coding patterns and threat models;
• Define, recommend, and enforce strong IAM processes across Leboncoin (covering joiner/mover/leaver, privileged access, MFA, and segregation of duties);
• Establish and enforce IAM governance and technical controls (least privilege, RBAC/ABAC, just-in-time access);
• Contribute and support for Integrating or developing security tools within Leboncoin's IT and cloud infrastructure (e.g., SIEM/SOAR integrations, vulnerability scanners, secrets managers, IAM tooling);
• Ensure tools are properly maintained, monitored, and scaled;
• Act as security advisor to product, infra, and business teams;
• Support security detection and response team during incidents with architectural and forensic expertise and with improvement mindset during post-mortems. Keen on being part of the security on-call rotation;
• Provide input into risk assessments for new projects or third-party integrations.
Requirements:
• 5 years of experience in cloud security, infrastructure security, or DevSecOps roles;
• Strong knowledge of AWS, Kubernetes, and CI/CD tool suites;
• Hands-on experience with infrastructure-as-code (Terraform, Ansible, etc.), with scripting (at least one language) and with automation;
• Solid understanding of IAM concepts, authentication protocols (SAML, OAuth2, OIDC), and privileged access management;
• Good knowledge of application security and common vulnerabilities (OWASP Top 10, SANS Top 25);
• Experience integrating security tools into pipelines;
• Experience in developing and deploying scripts and plugins;
• Excellent communication and negotiation skills to act as an advisor with engineering teams;
• Fluency in French and professional English.
Apply.
#Офис #DevSecOps
Location: #Paris, France.
Salary: Competitive.
Employer: Adevinta.
Responsibilities:
• Define and enforce security architecture standards for cloud (AWS);
• Review infrastructure-as-code (IaC) for misconfigurations and vulnerabilities and enforce standard secure best practices;
• Work with infra teams to implement hardening guidelines and secure network designs;
• Integrate security tools and controls into leboncoin Infrastructure, CI/CD pipelines (SAST, SCA, secrets detection, container security) and IT Infrastructure and services;
• Automate security testing and compliance checks in development workflows;
• Partner with developers to design secure coding patterns and threat models;
• Define, recommend, and enforce strong IAM processes across Leboncoin (covering joiner/mover/leaver, privileged access, MFA, and segregation of duties);
• Establish and enforce IAM governance and technical controls (least privilege, RBAC/ABAC, just-in-time access);
• Contribute and support for Integrating or developing security tools within Leboncoin's IT and cloud infrastructure (e.g., SIEM/SOAR integrations, vulnerability scanners, secrets managers, IAM tooling);
• Ensure tools are properly maintained, monitored, and scaled;
• Act as security advisor to product, infra, and business teams;
• Support security detection and response team during incidents with architectural and forensic expertise and with improvement mindset during post-mortems. Keen on being part of the security on-call rotation;
• Provide input into risk assessments for new projects or third-party integrations.
Requirements:
• 5 years of experience in cloud security, infrastructure security, or DevSecOps roles;
• Strong knowledge of AWS, Kubernetes, and CI/CD tool suites;
• Hands-on experience with infrastructure-as-code (Terraform, Ansible, etc.), with scripting (at least one language) and with automation;
• Solid understanding of IAM concepts, authentication protocols (SAML, OAuth2, OIDC), and privileged access management;
• Good knowledge of application security and common vulnerabilities (OWASP Top 10, SANS Top 25);
• Experience integrating security tools into pipelines;
• Experience in developing and deploying scripts and plugins;
• Excellent communication and negotiation skills to act as an advisor with engineering teams;
• Fluency in French and professional English.
Apply.
#Офис #DevSecOps
1 2.6K
Обсуждение 0
Обсуждение не доступно в веб-версии. Чтобы написать комментарий, перейдите в приложение Telegram.
Обсудить в Telegram