IDEMIA

AppSec Expert

IDEMIA  •  Łódź, PL (Hybrid)  •  9 hours ago
Apply
Save Job
Mark Applied Mark Interviewed Mark Offered
Hide Job Report Job
AI can make mistakes so check important info. Chat history is never stored.

Job Description

Since our founding, IDEMIA has been on a mission to unlock the world and make it safer through our cutting-edge identity technologies. Our technology leadership makes us the partner of choice for hundreds of governments and thousands of enterprises in over 180 countries, including some of the biggest and most influential brands in the world. In applying our unique expertise in biometrics and cryptography, we enable our clients to unlock simpler and safer ways to pay, connect, access, identify, travel and protect public places – at scale and in total security.

Our teams work from 5 continents and speak 100+ different languages. We strongly believe that our diversity is a key driver of innovation and performance.

Purpose

This role puts in place security measures to protect the company and customers against cyber-attacks.

Key Missions

  • Defines and maintains Solution, IT and Cloud Security solutions for protection, detection, response and recovery in line with the business needs, cyber threat evolution and compliance
  • Defines and maintains cybersecurity architecture blueprint for Solution, IT, Cloud or hybrid environments
  • Advises on the choice of technical solutions and advocate for secure architectures for one or a set of information systems and ensures regulatory compliance where applicable
  • Acs as level 3 support (expert) on all security solutions operated by IDEMIA
  • Investigates and analyzes existing Solution, IT and Cloud Security solutions and creates new and enhanced security methods that will enhance the security of cloud-based environments
  • Defines and maintains Solution, IT and Cloud Security technical guidelines and procedures
  • Supports projects for integration of cybersecurity requirements (security by design) and ensures the compliance with standards and regulation that apply (GSMA, PCI-DSS, PCI-CP, NIST…)
  • Performs and delivers risk analyses (EBIOS Risk Manager, ISO / CEI 27005) for complex projects
  • Reviews regularly existing architecture, identifies gaps and make recommendations for cybersecurity improvement
  • Analyzes the security risks associated with the introduction of new technologies or new information systems
  • Conducts regularly audit systems to verify compliance with Global Security Policies
  • Understands customers’ needs and summarizes the needs to propose a complex security design and solution in alignment with security standards and regulation in full autonomy
  • Participates to the strategy and policies definition for cybersecurity architecture
  • Provides expertise for cybersecurity incidents
  • Proposes and Applies cybersecurity best practices
  • Coaches less experience cybersecurity Architect

    • Profile & Other Information

    Necessary Skills:

    • Experience in programming languages (Backend: Java, Scala, Kotlin, Frontend: Typescript, Angular)
    • Knowledge of secure coding practices - to guide R&D teams how to avoid vulnerabilities and security flaws in code
    • Experience with security frameworks and standards (OWASP Top Ten, ISO)
    • Experience working with certifications requirements and supporting R&D team answer security related questions
    • Good understanding of web application architecture but also of low levels communication protocols
    • Proficiency with security tools and technologies (e.g. firewalls, intrusion detection systems, encryption, static analysis tools, dynamic analysis tools, and penetration testing tools)
    • Experience in assuring security for cloud deployed applications and knowledge about security tools available in the cloud
    • Good communication skills as you will be working with technical but also non-technical audience
    • Problem-solving skills
    • Critical thinking
    • Continues learning and adaptability

    Responsibilities:

    • Close collaborating with R&D teams to integrate and assure security at every stage in the software development lifecycle
    • Regular security reviews and threat modeling of our applications
    • Integrating security tools into processes and proactively introduce changes in case of any gaps
    • Responding to security incidents
    • Rise awareness among teams about application security (secure coding practices, security standards, security threats and countermeasures)
    • Ensure applications are aligned with certifications requirements in scope of security (e.g. SAS SM, PCI DSS)
    • Ensure teams are following internal and external security standards

    By choosing to work at IDEMIA, you will join a unique tech company, offering a wide range of growth opportunities. You will contribute to a safer world, collaborating with an international and global community. We value the diversity of our teams and welcome people from all walks of life, regardless of how they look, where they come from, who they love, or what they think.

    We deliver cutting edge, future proof innovation that reach the highest technological standards and we’re transforming, fast, to stay a leader in a world that’s changing fast, too.

    At IDEMIA, people can develop their expertise and feel a sense of ownership and empowerment, in a global environment, as part of a company with the ambition and the ability to change the world.

    Visit our website to know more about the leader in Identity Technologies

    www.idemia.com

    IDEMIA

    About IDEMIA

    IDEMIA Group is a global technology leader with more than 12 500 employees worldwide. Its two market-leading divisions deliver mission-critical solutions that simplify and secure interactions in the physical and digital realms:

    • IDEMIA Secure Transactions (IST) is the leading technology provider making it safer and easier to pay and connect. With unmatched expertise in cryptography and credential issuance, IST is trusted by over 2000 financial institutions, mobile operators, automotive manufacturers, and IoT providers worldwide. Every day, IST secures billions of essential transactions, ensuring the highest levels of data protection and convenience.

    • IDEMIA Public Security is a trusted provider of government-grade and convenient biometric-based solutions for 600 government, state and federal agencies. With decades of experience in biometric technologies, IPS enables safer, frictionless and fairer ways to secure travel, access and citizen protection.

    For more information, visit www.idemia.com and follow @IDEMIAGroup on X.

    Industry
    IT & Software
    Company Size
    10,000+ employees
    Headquarters
    Courbevoie, FR
    Year Founded
    Unknown
    Website
    idemia.com
    Social Media