- Company Name
- Mobilize Financial Services
- Job Title
- Spécialiste Sécurité des Développements
- Job Description
-
Job Title: Security Development Specialist
Role Summary: Integrate security requirements into the early stages of application development (“Security by Design”) and ensure adherence throughout the application lifecycle. Support development teams with secure architecture, coding practices, code reviews, secret management, and secure tooling. Drive evolution of secure development processes, maintain security references (policies, standards, templates), and monitor compliance with internal and regulatory standards (GDPR, DORA, ISO 27001/27005). Lead training and awareness initiatives, manage software composition analysis (SCA) and static application security testing (SAST) programs, and oversee security of supporting IT services (CI/CD, source control). Maintain active threat intelligence, report on security activities, and participate in governance committees.
Expectations: 5+ years of proven cyber‑security experience in a functional and technical role, strong communication skills, ability to translate security concepts to technical and non‑technical stakeholders, and proficiency in English (TOEIC ≥ 750).
Key Responsibilities:
- Embed security requirements in upstream development phases and monitor their implementation across the application lifecycle.
- Advise on secure architecture, coding, code reviews, secret management, and tooling.
- Analyze current development practices and propose methodological, tool‑based improvements.
- Implement and maintain security references for internal and external development (policies, standards, templates, guides).
- Track action plans, coach technical teams, and ensure proper application of security controls.
- Collaborate with project leads, architects, CSO, infrastructure teams, and external partners to ensure compliance with internal policies and regulations (GDPR, DORA, BCE).
- Deliver training and awareness sessions for developers, project managers, and business teams.
- Manage software composition analysis (SCA) for components and libraries in the portfolio.
- Manage vulnerability remediation through static code analysis (SAST).
- Support security of IT services used by development teams (CI/CD, source/delivery managers).
- Conduct continuous monitoring of application vulnerabilities, emerging threats, regulatory updates, and secure development tools.
- Produce regular security development reports for project leaders, CSO, and stakeholders; participate in related committees.
Required Skills:
- Expertise in secure development practices (OWASP, SAST/DAST, secure CI/CD, secrets management).
- Proficient in development environments (Java, .NET, Python) and application architectures (API, micro‑services, cloud).
- In‑depth knowledge of security standards and regulations (ISO 27001, ISO 27005, GDPR, DORA).
- Strong interpersonal and communication skills; ability to explain security concepts to diverse audiences.
- Good command of written and spoken English (TOEIC ≥ 750); additional foreign language preferred.
Required Education & Certifications:
- Master’s degree or equivalent (Bac +5) in Computer Engineering or related field.
- Minimum 5 years of successful experience in a role that developed functional and technical cyber‑security knowledge.
- TOEIC score ≥ 750 (or equivalent English proficiency).