Senior DevSecOps Consultant M/F
Quanteam
Job Summary
You will join our clients' IT departments, working within teams dedicated to establishing and enhancing DevSecOps practices, with a strong emphasis on continuous integration (CI/CD) and application security. In this Senior DevSecOps Consultant role, you will be instrumental in guiding clients through the assessment, definition, and ongoing refinement of their DevSecOps strategies and implementations.
Must Have
- Conduct DevSecOps audits and define improvement plans.
- Deploy and modernize CI/CD pipelines using tools like XL Deploy and XL Release.
- Standardize DevSecOps compliance requirements.
- Collaborate with security teams to integrate security reports and tests.
- Actively participate in upskilling teams on DevSecOps tools and practices.
- Master's degree in Engineering, IT, or a related university field.
- Significant experience in DevSecOps, continuous integration, and application security.
- At least 7 years of experience in DevOps security.
- Proven experience integrating scan tools into CI/CD security gates.
- Master application security concepts: OWASP Top 10, SAST, DAST, SCA, shift-left security.
- Master shell scripting techniques.
- Good knowledge of CI/CD pipelines, especially Jenkins.
- Solid knowledge of cloud and network infrastructure.
- Confirmed experience with code analysis tools like SonarQube and Checkmarx.
- Mandatory English proficiency, both written and oral.
Good to Have
- Additional experience in financial security or anti-money laundering practices.
- Experience implementing Agile methodologies (Scrum, SAFe) and V-cycle project management.
Job Description
OFFER DETAILS
You will work within our clients' IT departments, in the teams responsible for implementing and strengthening DevSecOps practices, with a particular focus on continuous integration (CI/CD) and application security.
Your MISSIONS
You will hold the role of DevSecOps Consultant and will be a key element in supporting our clients in the evaluation, definition, and continuous improvement of their DevSecOps practices.
You may notably be required to carry out the following actions:
- Perform initial DevSecOps audits to assess current maturity, existing CI/CD pipelines, tools, and security integrations,
- Develop and implement action plans to improve DevSecOps practices, particularly by setting up Quality Gates,
- Deploy and modernize CI/CD pipelines using tools such as XL Deploy and XL Release,
- Standardize DevSecOps compliance requirements adapted to team maturity,
- Work closely with security teams to integrate security reports and tests into delivery cycles,
- Actively participate in upskilling teams on DevSecOps tools and practices.
Your PROFILE
- You hold a Master's degree (Engineering, IT school, or university) and have significant experience in DevSecOps practices or as an expert in continuous integration and application security.
- You have at least 7 years of experience in the field of DevOps security and at least one successful experience integrating scan tools into pipelines (CI/CD security gates).
- You have a thorough command of application security concepts: OWASP Top 10, SAST and DAST, SCA, shift-left security.
- You master scripting techniques (shell), have good knowledge of CI/CD pipelines (notably Jenkins), and ideally have experience with tools like XL Deploy and XL Release.
- You have solid knowledge of cloud and network infrastructure as well as confirmed experience with code analysis tools such as SonarQube and Checkmarx.
- You work autonomously while remaining highly collaborative; you are rigorous, proactive, and able to synthesize information well.
- Additional experience in financial security or practices related to anti-money laundering would be appreciated but not mandatory.
Your SKILLS
- Expertise in DevOps and continuous integration (CI/CD),
- Good knowledge of Cybersecurity,
- Good level in scripting (shell),
- Familiarity with XL Deploy, XL Release, Jenkins,
- In-depth knowledge of cloud and network infrastructure,
- Proven experience with SonarQube and Checkmarx tools,
- Ability to integrate security reports into delivery processes,
- Mandatory English proficiency, both written and oral,
- Experience in implementing Agile methodologies (Scrum, SAFe) and V-cycle project management.
Our DIVERSITY COMMITMENT
Quanteam is disability-friendly and committed to professional equality, diversity, and inclusion. It is open to all talents and, as such, encourages anyone with the skills mentioned in this offer to submit their application.
Quanteam's business model is focused on responsibility, commitment, and responsible management, and the firm is committed to sustainable development and respect for the environment.
We welcome everyone with respect, convinced that diversity is a source of enrichment.
About Quanteam
Quanteam (an entity of the Rainbow Partners Group) is a consulting firm specializing in the Banking, Finance, and Financial Services sectors.
Our 850 consultants, of 35 different nationalities, are located in Paris, Lyon, London, New York, Montreal, Geneva, Lisbon, Porto, Brussels, Casablanca, Madrid, and Singapore.
With dual business and IT expertise, Quanteam supports its key account clients (investment banks, asset management companies, private and retail banks, securities depositories, etc.) across the entire Front-to-Back chain, in the evolution of their business activities and in their transformation projects.
Our teams are organized around 5 areas of expertise:
- Quantitative Finance
- Risks, Compliance, and Regulatory
- Operations and Finance
- Transformation and Organization
- IT and Information Systems