Hellowork a estimé le salaire pour cette offre
Cette estimation de salaire pour le poste de Application Security Engineer H/F à Paris est calculée grâce à des offres similaires et aux données de l’INSEE.
Cette fourchette est variable selon expérience.
Salaire brut min
43 000 € / an 3 583 € / mois 23,63 € / heureSalaire brut estimé
58 800 € / an 4 900 € / mois 32,31 € / heureSalaire brut max
73 200 € / an 6 100 € / mois 40,22 € / heureCette information vous semble-t-elle utile ?
Merci pour votre retour !
Application Security Engineer H/F Capital Fund Management
- Paris 7e - 75
- CDI
- Télétravail occasionnel
- Bac +5
- Banque • Assurance • Finance
- Exp. 4 ans min.
Les missions du poste
ABOUT THE ROLE
Are you passionate about application security and ready to serve as a subject matter expert in both application security andsecuring thesoftwaredevelopmentlifecycle? In this role,you'llbe instrumental in protecting our low-latency processing systems and trading platforms across diverse environments. Reporting directly to theDirector of Application Security, you will work collaboratively with development, infrastructure, and operations teams to embed security into every phase of ourprocess and in the company culture.
Overview & Key Responsibilities:
- Serve as the internal point of reference and Subject Matter Expert on application security and software factory security.
- Design, implement, andmaintainthe essential tools to ensure secure CI/CD pipelines with robust security controls including automated testing,secretsdetection,compliance checks, software composition analysis, and vulnerability management.
- Supportour development teamsin addressing identifiedfindings, ensuringcompliance withsecure coding practicesto align withindustry standardsforboth cloud and on-premisesenvironments, andpromotea culture ofongoingsecurityenhancement.
- Participate indesign reviews, threat modeling, and architecture assessments to proactivelyidentifyand mitigate security risks in new and existing solutions.
- Work with our Core and Architecture team toestablishand enforcesolutionsfor encryption, authentication (both human and machine), access control (role- and attribute-based), secret management, and secure configurations in cloud (AWS, GCP, or Azure) as well as on-premises environments.
- Develop, monitor, and report indicators to track security performance and drive continuous improvement.
Profile description:
Minimum Qualifications:
- Bachelor's degree (or equivalent practical experience) in Computer Science, Information Security, ora relatedfield.
- A minimum of4years of hands-on experience in application security, with provenexpertisesecuring modern architectures-including cloud environments, containerized applications, serverless platforms, APIs, and traditional on-premises systems.
- Hands-on experience with security testing tools (e.g., SAST,DAST, IAST, SCA, SBOM...)
- Ability to design, configure,implement,andmaintainthesetools as part ofproductionCI/CD pipelines, ensuringaccuratevulnerability detection, low noise, and minimal impact on deployment speed and stability.
- Ability to design, configure, implement, andmaintainthese tools as part ofproductionCI/CD pipelines, ensuringaccuratevulnerability detection, low noise, and minimal impact on deployment speed and stability.Demonstrableexperience implementing and managing secure CI/CD pipelines and integratingDevSecOpspractices.
- Proficiencyin Linux environments, networking protocols (TCP/IP, UDP, HTTP, HTTPS), andmicroservicesarchitectures.
- Expert onauthentication and authorization protocols including but not limited to SAML, OAuth2, OpenIDConnect.
- Strong coding skillsinPython with the ability to read, analyze, and communicate code vulnerabilities to both technical and non-technical audiences.
- Clear understanding ofweb developmentfundamentalslike REST APIs, cookies, same-originpolicy, cross-origin resourcesharingetc.
- Familiarity with common security frameworks and methodologies (e.g., OWASP Top 10, NIST SSDF).
- Excellent written and verbal communication skills, with proven ability to transform complex technical concepts into clear business and security recommendations.
Preferred Qualifications:
- An advanced certification such as Certified Secure Software Lifecycle Professional (CSSLP) is highly desirable.
- Demonstratedexpertisein cloud security across AWS, GCP, or Azure, and extensive experience securing on-premises systems to ensure a cohesive security posture across all environments.
- Strong background in implementing and managing Infrastructure as Code (IaC) and automation tools (e.g., Terraform, Ansible, CloudFormation).
- Experience with threat modelingorconducting comprehensive security auditsis a plus.
CAPITAL FUND MANAGEMENT S. A.
Publiée le 23/12/2025 - Réf : CFM_bJ71p1O
Créez une alerte
Application Security Engineer H/F
- Paris 7e - 75
- CDI
Finalisez votre candidature
sur le site du
recruteur
Créez votre compte pour postuler
sur le site du
recruteur !
sur le site du recruteur
sur le site du recruteur !
Ces offres pourraient aussi
vous intéresser
Recherches similaires
- Emploi Security engineer
- Emploi Informatique
- Emploi Développeur
- Emploi Technicien support informatique
- Emploi Développeur Java
- Emploi DevOps
- Emploi Ingénieur de développement
- Entreprises Informatique
- Entreprises Security engineer
- Entreprises Paris
- Emploi Sécurité informatique
- Emploi Drive
- Emploi Expert
- Emploi Certification
- Emploi Management
- Emploi CDI Paris
- Emploi Sécurité informatique Paris
Testez votre correspondance
Chargement du chat...
{{title}}
{{message}}
{{linkLabel}}