Vulnerability Analyst
Since our founding, IDEMIA has been on a mission to unlock the world and make it safer through our cutting-edge identity technologies. Our technology leadership makes us the partner of choice for hundreds of governments and thousands of enterprises in over 180 countries, including some of the biggest and most influential brands in the world. In applying our unique expertise in biometrics and cryptography, we enable our clients to unlock simpler and safer ways to pay, connect, access, identify, travel and protect public places – at scale and in total security.
Our teams work from 5 continents and speak 100+ different languages. We strongly believe that our diversity is a key driver of innovation and performance.
Purpose
Within IDEMIA IPS in the Cybersecurity team, you will take the role of a Vulnerability Analyst and a DevSecOps Expert.
Key Missions
Key Responsibility:
- Categorize, prioritize, and perform an initial assessment of a vulnerability.
- Analyze the results vulnerability assessments or penetration tests.
- Prepare reports that identify technical and procedural findings and provide recommended remediation strategies/solutions.
- Formulate vulnerability information, details and assessments that are clear and understandable by different levels of stakeholders (management, developers, customers)
- Understand the design or implementation flaw that causes or exposes the vulnerability to exist.
- Develop risk mitigation strategies to resolve vulnerabilities and recommend security changes to system or system components as needed.
- Learn about a new vulnerability from reading public sources or other third-party sources
Outside of this primary Vulnerability Analyst scope, you will also have a secondary DevSecOps Analyst/Expert role that you will be trained for, with the following responsibilities:
- You will assist, support, and guide project teams in understanding, analyzing, tracking, and remediating vulnerabilities detected by automated tools (e.g. SAST, SCA) and document this process and its conclusions in a formal report.
- You will guide project teams towards using DevSecOps tools and methods, and participate in their implementation, usage deployment, and day-to-day use.
- This may be by documenting and formalizing processes, methods, guides, trainings related to cybersecurity, as well as by driving or participating to cybersecurity-related automation and scripting tasks.
- Participate in the setup of third party or custom tools related to DevSecOps (general scripting).
- Participate to the evaluation, review, selection, mapping, and setup of security tooling.
Profile & Other Information
Required Skills:
- Vulnerabilities Assessment
- Threat Analysis
- Client Relationship Management, External Awareness.
- Data Privacy and Protection
- Legal, Government, and Jurisprudence Awareness
- Risk Management
- Asset and Inventory Management
- Technology Awareness
- Computer Network Defense
Important Soft skills:
- Able to work, learn, and investigate subjects autonomously.
- Good oral and written communication skills. Presenting Effectively.
- Read, written, and spoken English is mandatory.
Some nice to have skills:
- 5 years of experience in a cybersecurity role, preferably in defense.
- Computer Forensics
- SW system architecture knowledge
- Experience in the development of applications (may be Java, C++, Javascript, etc.)
- Good understanding of SAST, SCA and DAST tools to automate the detection of security issues.
- Good understanding of Software development lifecycle in an Agile environment.
By choosing to work at IDEMIA, you will join a unique tech company, offering a wide range of growth opportunities. You will contribute to a safer world, collaborating with an international and global community. We value the diversity of our teams and welcome people from all walks of life, regardless of how they look, where they come from, who they love, or what they think.
We deliver cutting edge, future proof innovation that reach the highest technological standards and we’re transforming, fast, to stay a leader in a world that’s changing fast, too.
At IDEMIA, people can develop their expertise and feel a sense of ownership and empowerment, in a global environment, as part of a company with the ambition and the ability to change the world.
Visit our website to know more about the leader in Identity Technologies