Devsecops Engineer H/F Pierre & Vacances
- Paris - 75
- CDI
- Bac +2
- Bac +3, Bac +4
- Bac +5
- Tourisme • Hôtellerie • Loisirs
- Exp. 10 ans min.
Détail du poste
- The Pierre & Vacances Center Parcs Group #PVCP, European leader in local tourism with more than 13,000 employees, aims to create memorable experiences in places where life is good.
- Your missions :
- Cloud Security Engineering :
- You'll take a hands-on approach to implementing security controls within our cloud environments (Azure and/or GCP).
- You will ensure our cloud configurations are compliant with industry standards likeCIS controlsandNIST frameworks.
- This includes configuring and managingIdentity and Access Management (IAM), network security groups, and encryption strategies.
- Application Security :
- You will be directly involved in the code. This means performingstatic and dynamic application security testing (SAST/DAST)to identify vulnerabilities and working with development teams to remediate them. You'll also be responsible for integrating security tools and automated checks directly into ourCI/CD pipelines.
- Threat Modeling & Risk Assessment :
- Proactively identify and assess security risks in our applications and cloud infrastructure.
- You'll participate inthreat modelingexercises and help the team understand and mitigate potential threats before they become a problem
- Incident Response: You will be a key part of the team that investigates and responds to security incidents, particularly those related to our applications and cloud services.
- Project Management:
- Internal Consultant:
- Policies:
- KPI:
Le profil recherché
- Developer Background:You must have been a developer. Strong, hands-on experience with modern programming languages likePython, Go, or Java. You should be comfortable with development tools likeGitand have a solid understanding of software development workflows.
- Cloud & Containerization Expertise:A deep understanding ofAzure and/or GCP. You should also have hands-on experience with containerization technologies likeDocker and Kubernetes. You're not just familiar with the concepts; you've worked with them and know how to configure them for security and performance.
- Security Knowledge & Implementation:
- Deep understanding of common web application vulnerabilities (e.g.,OWASP Top 10, OWASP SAMM, OWASP API Security).
- Proven experience implementing and enforcing security best practices based onCIS controls and NIST frameworksfor Azure and/or GCP.
- Experience with security tools for vulnerability management and application security testing.
- Advantage, knowledge on AI, especially Graph technology/Engineering
Publiée le 18/06/2026 - Réf : 4272917-93213203
