Home
Jobs
Sansaone
Security Manager

Security Manager

Hybrid

Strasbourg, France

Full Time

02-04-2025

Share this job:

Expired

Job Specifications

Position Title: Security Manager
Location: Strasbourg, France
Duration: 12 Months with possibility of renewal
Languages: English
Work mode: hybrid (60% onsite & 40% remote)

Job Description:
Work closely with software development teams or contractors to ensure secure coding practices are followed throughout the software development lifecycle (SDLC).
Review code for vulnerabilities and recommend secure coding standards.
Conduct security risk assessments on new and existing applications, focusing on potential threats and weaknesses.
Support DevSecOps practices by integrating security into CI/CD pipelines.
Support in integrating the security tools in the CI/CD pipelines.
Ensure compliance with relevant industry standards and regulations (e.g., EU DPR, ISO 27001, NIST).
Collaborate on security documentation, including policies, procedures, and risk assessments.
Educate and train staff on secure development and security best practices.

Requirements
Possess at least a High School diploma
Minimum 10 years of experience in IT.
At least 7 years of experience in dealing with ICT security issues.
Demonstrated experience in conducting comprehensive security assessments of ICT projects and systems, utilizing standards such as ISO 15408 and ISO 2700x or equivalent.
Ability to collaborate with multidisciplinary project teams to ensure consistent application of security policies, measures, and standards across all technology initiatives, systems, and services, both on-premises and in the cloud.
Experience partnering with developers to integrate security checkpoints throughout the Software Development Lifecycle (SDLC), following industry-accepted standards such as NIST SP 800-115 and/or ISO security guidelines.
Proficiency in performing System Security Risk Assessments.
Expertise in preparing and submitting security-related documentation, including vulnerability assessments.
Capability to develop secure coding practices in alignment with organizational strategy and security framework.
Experience in supporting DevSecOps practices by embedding security within CI/CD pipelines, performing code reviews for vulnerabilities, and recommending secure coding standards.
Skill in educating and training staff on secure development methodologies and best practices in security.

About the Company

Welcome to Sansaone, a dynamic force in the realm of ICT talent acquisition. Born out of a passion for excellence and a vision for connecting outstanding professionals with forward-thinking organizations, we stand as a beacon for strategic recruitment solutions in the Information and Communication Technology sector. With a commitment to excellence and a passion for connecting exceptional professionals with innovative organizations, we are your strategic partner in building transformative teams. Know more