Inetum is a European leader in digital services, supporting organizations as they navigate continuous technological change. The company helps clients accelerate their digital transformation through a broad portfolio that includes consulting, application services, digital engineering, cloud, cybersecurity, platforms, and infrastructure services

As a Cybersecurity Engineer, you will join a Cybersecurity Competency Center responsible for strengthening and maintaining the security posture of applications across a large and diverse IT landscape within a banking and financial services environment.

Your primary mission will be to ensure application security by performing vulnerability management and secure development lifecycle (SDLC) activities, supporting development teams, and contributing to the continuous improvement of security controls and practices.

Key Responsibilities

• Support the deployment and maintenance of code analysis and dependency security solutions
• Participate in the implementation and continuous improvement of Secure Development Lifecycle (SDLC) processes
• Implement and perform application security scans:
  • SAST (Static Application Security Testing)
  • SCA (Software Composition Analysis)
  • DAST (Dynamic Application Security Testing / Web Application Scanning)
• Assess, qualify, and prioritize vulnerabilities identified through multiple security tools and sources
• Collaborate closely with development teams to identify, mitigate, and remediate security risks
• Support development teams in the implementation of security controls and secure coding practices
• Track remediation actions and ensure compliance with agreed deadlines
• Participate in the definition, measurement, and reporting of application security KPIs
• Contribute to the animation of the Application Security (AppSec) community through:
  • Security awareness initiatives
  • Promotion of best practices
  • Secure coding guidance

• Hands-on experience with application security tools and technologies, such as:
  • Fortify
  • Qualys
  • Nexus IQ
  • Kubernetes ecosystems
• Experience in automation of vulnerability management processes, including Python scripting
• Strong understanding of application security principles and best practices
• Solid knowledge of the OWASP Top 10 application security risks
• Good understanding of front-end and back-end technologies, such as:
  • Java
  • Angular
  • REST APIs
  • Other modern development frameworks
• Minimum 2 years of experience in Cybersecurity, Information Security, or IT Risk
• Security-related certifications are highly valued, including (but not limited to):
  • CISSP, CISM, CISA, CRISC
  • CEH, CCSK, CCSP
  • ISO 2700x, ISO 31000, EBIOS

Languages

• English: Mastery
• French: Mastery

Soft Skills

• Strong analytical and problem-solving abilities
• Ability to collaborate effectively and work as part of a team
• Strong client-focused mindset
• Good communication skills and ability to interact with both technical and non-technical stakeholders
• Proactive and structured approach to work