GroupePVCP_2

Cybersecurity Specialist (Cloud & Application Security)

Cybersecurity Specialist (Cloud & Application Security)

  • CDI
  • Temps plein
  • Au moins 10 ans d'expérience
  • Master, Bac+5
  • Opérations IT

Mission

  • The Pierre & Vacances Center Parcs Group #PVCP, European leader in local tourism with more than 13,000 employees, aims to create memorable experiences in places where life is good.

  • Your missions :

  • Cloud Security Engineering :

  •  You'll take a hands-on approach to implementing security controls within our cloud environments (Azure and/or GCP). 
  • You will ensure our cloud configurations are compliant with industry standards like CIS controls and NIST frameworks
  • This includes configuring and managing Identity and Access Management (IAM), network security groups, and encryption strategies.

  • Application Security : 
  • You will be directly involved in the code. This means performing static and dynamic application security testing (SAST/DAST) to identify vulnerabilities and working with development teams to remediate them. You'll also be responsible for integrating security tools and automated checks directly into our CI/CD pipelines.


  • Threat Modeling & Risk Assessment : 
  • Proactively identify and assess security risks in our applications and cloud infrastructure. 
  • You'll participate in threat modeling exercises and help the team understand and mitigate potential threats before they become a problem
  • Incident Response: You will be a key part of the team that investigates and responds to security incidents, particularly those related to our applications and cloud services.

  • Project Management: 
Projects and execution which are in the scope of the CISO department.


  • Internal Consultant: 
Consultant on Cyber Security for Internal Teams (DIOSI)

  • Policies: 
Creation and enforcement


  • KPI: 
CIS, NIST and ISO270001

Profil

  • Developer Background: You must have been a developer. Strong, hands-on experience with modern programming languages like Python, Go, or Java. You should be comfortable with development tools like Git and have a solid understanding of software development workflows.
  • Cloud & Containerization Expertise: A deep understanding of Azure and/or GCP. You should also have hands-on experience with containerization technologies like Docker and Kubernetes. You're not just familiar with the concepts; you've worked with them and know how to configure them for security and performance.
  • Security Knowledge & Implementation:
    • Deep understanding of common web application vulnerabilities (e.g., OWASP Top 10, OWASP SAMM, OWASP API Security).
    • Proven experience implementing and enforcing security best practices based on CIS controls and NIST frameworks for Azure and/or GCP.
    • Experience with security tools for vulnerability management and application security testing.
  • Advantage, knowledge on AI, especially Graph technology/Engineering

Compétences

Willingness to improve, Willingess to Win, Strong English Language Skills, Builde, Hands-on Mentality