Application Security Engineer - F/H
CDI Neuilly-sur-Seine (Hauts-de-Seine)
Job description
Your role @ Chanel
CHANEL invests significant efforts to provide state-of-the-art security environment to its employees and partners in order to improve their productivity, both individual and collective, carry out their mission efficiently, and contribute to the long-term brand equity of the House.
Reporting to CHANEL's Corporate IT functions, Global Digital Platforms (GDP) is a department composed of three main teams:
· "References and Services": in charge of Product Reference Documents, Digital Assets Management, Customer Identification Management and a Wishlist service;
· "Chanel.com”: in charge of Chanel e-commerce website;
· "In Store & Mobile”: in charge of Digital Signage and Mobile Apps.
Within GDP, the Application Security Engineer will join GDP’s Security Team that works closely with the Global Security, Infrastructure and Development teams. He will work with numerous passionate engineers, on all the most modern frameworks and technologies.
Example of our current challenges:
· Accelerate our Shift-Left and Product oriented security posture
· Support development teams in hardening the software architecture and code
· Foster and support End-to-End Encryption on our Software Product
· Keep the bar among standards
The impact you can create at Chanel
Your main missions are :
· Help our Product Owners to ship ‘secure by design’ features
· Perform application-focus, offensive, security assessments of existing and upcoming Chanel’s features and products
· Enforce smart CI/CD security tooling (SAST, dependencies checker, IAST, RASP)
· Identify vulnerability in the source code and design of our products
· Fix vulnerabilities or support development team on fixing
· Maintain and contribute to Chanel’s Secure Development Lifecycle
· Contribute to Chanel’s security at-scale by default
· Raise awareness of our developers to security best practices
· Contribute to our Red Team / Blue Team organization
· Write public articles about our security practices and participate in conferences with pairs.
Who You Are
If you don’t meet all the requirements below but believe this opportunity matches your expectations and experience, we still encourage you to apply!
You are energized by :
· Application security and development
· Security assessments of web applications have no secret for you
· A strong understanding of common and uncommon web application vulnerabilities and mitigations (OWASP Top10)
· Common programming language (Java, Javascript,...): you have been a developer somehow.
· Security vulnerabilities
· A good understanding of security in distributed systems at scale
· Working in English and French fluently
· Collaborating with all people working in the company (tech & non-tech)
· Good communication skills
· Autonomy, Pragmatism and good structuration skills
· Proactively contributing to Chanel’s security
What We Offer
· Continuous training programs on all key competencies (English, soft skills, expertise)
· Transparent internal and international mobility opportunities you are re welcome to apply for
· High-quality office spaces supporting collaboration, health and wellbeing
· Rich variety of Corporate events
· A high level of flexibility at work (homeworking and co-working spaces)
Job details
· Permanent Position
· Full time
· Location: Neuilly-sur-Seine
· Start Date : ASAP