Cronos Europa
Location
Luxembourg | Germany
Job description
We are currently looking for a "DevSecOps" to strengthen the Cronos Europa team. Mission Contribute to the design of the overall application security. Define security requirements and derive technical actions targeting the application components and code base. Draft documentation such as architecture design descriptions, assessment reports and configuration. Take an active part in developing and improving application security Vulnerability assessment (SAST and DAST) and definition of corrective actions. Categorize incidents and vulnerabilities based on relevance, exposure, and impact. Understanding of risk assessment. Technical skills Excellent knowledge of application security. Experience in the security aspects of software development (i.e.: authentication with open ID connect SAML or CAS, secure rest or Web services, encryption with PKI, authorization, secrets management, application security testing). Overall experience in the security domain. Experience in penetration testing and ethical hacking. Cloud skills are considered a strong asset. Automation skills to optimize and understand DevSecOps pipelines. Java and Python development skills. Flask, Spring Framework, Spring Boot technical skills. Profile English at a professional level (communication is mainly in English) Min 5 years' experience in the development Bachelor's degree in IT minimum. Good understanding of 3rd-party dependency security assessment (libraries, container and VM images). Rapid self-starting capability and experience in team working. Ability to participate in multi-lingual meetings, ease of communication. Experience with the ISO 27000 family of standards or equivalent security standards, implementation, and knowledge of ITSRM2 are a plus. Experience with secure IT development patterns. Experience with security testing tools (i.e.: Fortify, Burp Suite, OWASP Dependency-Check, or equivalents) and Web site vulnerability scans. Knowledge of OWASP Knowledge of the Agile methodology. Excellent interpersonal and communication skills. Good redaction skills, experience in preparation of written reports. Capability of integration in an international/multicultural environment. The following certifications are considered an asset: Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP) or equivalent, Any other information security certification Why Cronos Group? We'll propose you An attractive salary package with or without car. A good work-life balance environment. The assurance of working with cutting-edge technologies with an intrapreneurial spirit The opportunity to develop your skills thanks to tailor-made training courses according to your needs. A good job in a friendly place. If you wish to integrate a dynamic structure on a human scale while working with the latest technologies, don't wait anymore and join Cronos! Cronos Europa is an IT and digital communications company uniquely dedicated to serving the European institutions, agencies and bodies. From the European Union to EUROCONTROL, we partner with a range of supranational and interinstitutional authorities. Our mission is to arm them with the tools they need to thrive in the digital age. Every aspect of our organisation is designed to complement their capabilities - from our people to our processes and our premises. Our brand combines the expertise of former companies Cronos International and C-Dev, with the creative skills of Inspiiro and the breadth of capabilities of the Cronos Group. Today, Cronos Europa employs over 1,000 people in offices across Belgium, Luxembourg and the Netherlands, serving institutions across diverse framework contracts. Cronos Europa is part of the Cronos Group, one of the largest IT service providers in the Benelux, employing over 8,000 people across 200 competence centres. By leveraging the Group's resources, Cronos Europa can help clients extract value from new and emerging technologies, for everything from Artificial intelligence to Zg Quantum.
Job tags
Salary
