Retour aux offres d'emploi
Logo de Groupe Pierre & Vacances - Center Parcs

Cybersecurity Specialist (Cloud & Application Security)

PARIS 19 (75)

CDI

Tourisme / Culture / Sport

Tourisme / Sport

Débutant

Bac +5 et plus

Description

The Pierre & Vacances Center Parcs Group #PVCP, European leader in local tourism with more than 13,000 employees, aims to create memorable experiences in places where life is good. Your missions : Cloud Security Engineering : * You'll take a hands-on approach to implementing security controls within our cloud environments (Azure and/or GCP). * You will ensure our cloud configurations are compliant with industry standards like CIS controls and NIST frameworks. * This includes configuring and managing Identity and Access Management (IAM), network security groups, and encryption strategies. Application Security : * You will be directly involved in the code. This means performing static and dynamic application security testing (SAST/DAST) to identify vulnerabilities and working with development teams to remediate them. You'll also be responsible for integrating security tools and automated checks directly into our CI/CD pipelines. Threat Modeling & Risk Assessment : * Proactively identify and assess security risks in our applications and cloud infrastructure. * You'll participate in threat modeling exercises and help the team understand and mitigate potential threats before they become a problem * Incident Response: You will be a key part of the team that investigates and responds to security incidents, particularly those related to our applications and cloud services. Project Management: * Projects and execution which are in the scope of the CISO department. Internal Consultant: * Consultant on Cyber Security for Internal Teams (DIOSI) Policies: * Creation and enforcement KPI: * CIS, NIST and ISO270001

Profils recherchés

* Developer Background: You must have been a developer. Strong, hands-on experience with modern programming languages like Python, Go, or Java. You should be comfortable with development tools like Git and have a solid understanding of software development workflows. * Cloud & Containerization Expertise: A deep understanding of Azure and/or GCP. You should also have hands-on experience with containerization technologies like Docker and Kubernetes. You're not just familiar with the concepts; you've worked with them and know how to configure them for security and performance. * Security Knowledge & Implementation: * Deep understanding of common web application vulnerabilities (e.g., OWASP Top 10, OWASP SAMM, OWASP API Security). * Proven experience implementing and enforcing security best practices based on CIS controls and NIST frameworks for Azure and/or GCP. * Experience with security tools for vulnerability management and application security testing. * Advantage, knowledge on AI, especially Graph technology/Engineering