Profiles Desarrollo (IT)
De duración indefinida
Our client is a fast-growing fintech, present in France and Spain, with offices in Paris and Barcelona. They provide instant cash solutions and overdraft shield, aiming to become the first European on-demand cash solution. With open-minded culture that appreciates differences and teams that seizes every opportunity to celebrate success.
As a DevSecOp you will have the opportunity to:
- Participate in conducting security audits and analysis of cloud architectures, hardening, installing and configuring different security tools.
- Coordinate and participate in real security tests that allow the development and business team to find vulnerabilities to solve them and create new lines of defense.
- Perform root cause analysis of potential security problems, identifying and solving problems at the source.
- Firewall settings.
- Firewall rules review.
- Hardening in computers, operating systems and applications.
- Review and configuration of cryptography processes.
- Certificate review and configuration.
- Configure, install and implement antivirus and firewall.
- Patching vulnerabilities.
- Do trainings and verify that the development process is in accordance with OWASP.
- User access configuration and review.
- Review and configuration of passwords and access codes.
- Physical security review.
- Configure and review logs to detect suspicious processes.
- Implement log collection systems, SIEM, HIDS, NIDS.
- Define and make security policies, disaster recovery plans and business continuity plans.
What qualifications will make you successful?
- 3+ of relevant experience as a DevSecOps or similar role working with large-scale infrastructure systems.
- Relevant knowledge related to cloud virtualization platforms such as AWS or Google Cloud.
- Great team player. You enjoy working in a team, ask questions and accept any knowledge gap as you join.
- Scripting and automation skills (Python, Bash etc.)
- Proficient in Linux.
- Understanding of cloud environments.
- Good understanding of internet and computer networks (TCP/IP, TLS, VPN, etc.)
- Knowledge and experience securing mobile applications.
- SDLC implementation and testing
- Cloud service testing.
- Reverse engineering.
- Code reviews.
- Threat Modeling.
- Experience programming and configuring log integrations from syslog sources to different destinations such as SIEM, HIDS etc.
- Experience in Burp Suite, Kali Linux, Linux operating systems, Metasploit
- OSCP, OSCE, CREST, eCCPT, CISA, CISM.
- Full time permanent contract.
- Competitive salary.
- Flexible working hours.
- Possibility of partial work from home.
- Flexible holidays (25 days).
- Others : coffee, fresh fruit and regular cross-team lunches at the office.
- Employee benefits package (healthcare insurance, food vouchers more).