DevSecOps (Ref. 1816)

7 days ago


Basel, Switzerland | Bank J. Safra Sarasin | Full-time

**Responsibilities**
- Reviewing current system security measures, recommending/implementing enhancements and conducting regular system security reviews of existing IT systems
- Planning, researching, and designing security architectures including maintaining the security framework architecture documentation
- Designing security architecture elements to mitigate threats as they emerge; establishing disaster recovery procedures and conducting breach of security drills
- Delivering secure code review assessments for programming languages (at minimum: React-Native, ReactJS, .NET Core 3.1 (C#), JavaScript); training/assisting developers in writing secure software and remediating existing vulnerabilities; mentoring and assisting team members in effectively delivering assessments and enhancing skillsets
- Participating in an on-call process to contain cyber security incidents, promptly responding to all security incidents and providing thorough post-event analyses

**Profiles**
- 10+ years’ experience in enterprise Information Security architecture and IT risk management with a focus on security
- Hands-on experience conducting security-focused static analysis using commercial SAST tools such as Checkmarx, AppScan Source, Veracode, Coverity, Fortify and SonarQube
- Excellent knowledge of cloud computing technologies, enterprise-class security architecture, performance and reliability, cyber offensive security and cyber threat modeling
- Detailed understanding of the OWASP Top 10 and CWE Top 25 issues with a focus on the ability to identify and remediate vulnerabilities in source code, and a solid understanding of security protocols, cryptography, authentication, authorization and security
- Excellent written and verbal communication skills as well as business acumen; ability to interact with a broad cross-section of personnel to explain and enforce security measures and to explain the risk and business impact of security vulnerabilities in source code to a variety of audiences

**Activity rate**

100 %