About this role
<p><img src="https://performancemanager5.successfactors.eu/doc/custom/SICPA/2025_New%20Branding_Header_1000x325px_Beige_Woman.jpg" style="border:0.0px currentcolor;width:900.0px;height:293.0px"></p> <p><span style="font-family:arial, helvetica, sans-serif">We are looking for an experienced Security Engineer to join our Digital Research & Innovation organization and help embed security from the design phase across SICPA’s digital products worldwide.You will play a global, transversal role, working closely with development and DevOps teams to identify vulnerabilities early, streamline security practices, and integrate security controls into modern cloud‑native environments.</span></p> <p> </p> <p style="text-align:center"><strong><span style="font-family:arial, helvetica, sans-serif;font-size:14.0pt">SOFTWARE SECURITY ENGINEER</span></strong></p> <p><strong><span style="font-family:arial, helvetica, sans-serif">KEY OBJECTIVES</span></strong></p> <p><span style="font-family:arial, helvetica, sans-serif"> </span></p> <p> </p> <ul> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Shift security left by addressing security early in the design and development process</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Automate and maintain security checks within CI/CD pipelines</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Reduce vulnerabilities before deployment</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Ensure compliance with security regulations and standards</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Promote collaboration between development, security, and operations teams worldwide</span></li> </ul> <p style="font-family:arial, helvetica, sans-serif"> </p> <p style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif"><strong> KEY RESPONSABILITIES </strong></span></p> <p style="font-family:arial, helvetica, sans-serif"> </p> <p> </p> <ul> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Define and review security requirements and architectural designs across application, infrastructure, and network layers</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Provide security support during design and development phases of digital products</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Develop, maintain, and improve security and vulnerability scanning tools integrated into build pipelines</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Perform security reviews of pull requests, analyze vulnerabilities, and support remediation actions</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Execute preliminary audits, document findings, and contribute to risk mitigation strategies</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Identify vulnerabilities in applications and cloud‑native environments, including Kubernetes / OpenShift platforms and public cloud (AWS)</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Support secure deployment in public cloud environments</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Monitor industry security trends and assess potential impacts on products</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Contribute to quarterly planning and long‑term security improvement roadmaps</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Provide visibility on the security level per product and team</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Collaborate actively with global security teams across departments and regions</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Report security incidents and escalate issues when required</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">When relevant, organise security workshops for technical teams</span></li> </ul> <p> </p> <p> </p> <p><strong><span style="font-family:arial, helvetica, sans-serif">PROFILE</span></strong></p> <p> </p> <ul> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">University degree in Computer Science, Engineering, or equivalent</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">5+ years of experience in security engineering, application security, or secure software architecture</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Experience in application security testing tools (e.g. SonarQube is a plus)</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Experience in penetration testing or offensive security</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Software development experience, preferably in Java, JavaScript, and Python</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Experience with automation and infrastructure‑as‑code tools (Ansible, Terraform) is a plus</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Knowledge of Kubernetes / OpenShift is a strong advantage</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Knowledge of AWS security is a strong advantage</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Security certifications (OSCP, CEH, CISA) are a plus</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Strong communication and analytical skills in a global, cross‑functional environment</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Fluent in English; French is an asset</span></li> </ul> <p><strong><span style="font-family:arial, helvetica, sans-serif">JOIN US!</span></strong></p> <p> </p> <ul> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Our success comes from our highly skilled and talented employees</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Respectful entrepreneurship and a long-term vision are key for success</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Our people contribute to a more secure world</span></li> <li style="font-family:arial, helvetica, sans-serif"><span style="font-family:arial, helvetica, sans-serif">Diversity at all levels of an organisation is a strengths</span></li> </ul> <p><span style="font-family:arial, helvetica, sans-serif">We offer an exciting and challenging role, with great potential for personal development within a unique organization in a fascinating industry. Your file will be handled with upmost confidentiality and discretion.</span></p> <p> </p>