Mastodon

As the leading publisher and a key European player in the cybersecurity market, Stormshield is a subsidiary of Airbus Defence and Space Cyber Programmes, offering innovative security solutions to protect networks, workstations, and data. To support our growth and search for new talent, we are recruiting a Deputy Product Security.

Deputy Product Security: Job Summary

  • Position: Deputy Product Security
  • Team: Mesh Unified Management (MUM)
  • Type: Permanent Contract
  • Location: Lyon
  • Remote : Yes, up to 3 days per week

Deputy Product Security: Experience and Skills

️⭐ Who are we looking for?

Security is at the heart of Stormshield's practices, concerns, and processes in product development. To frame and take responsibility for good practices from the long-term strategic vision to operations, we need a cybersecurity expert imbued with good practices and able to communicate and structure these approaches within teams.

We are not looking for a specialist in a specific technology or cloud provider, but someone who is agnostic, able to quickly understand a new environment and carry convictions with the support of the Product Security Officer (PSO). You will need to have strong skills in SaaS-delivered products, with a transverse understanding from the lowest layers to the application layer and a DevSecOps approach. In-depth knowledge of networks would be a plus, as the stakes on this theme are very high. Your role is based on a PSO and a team responsible for conducting security audits and penetration tests, with whom you will work.

✏️ What are the missions of the Deputy Product Security?

  • Ensure product compliance with security best practices, including those defined by ANSSI and the PSO;
  • Conduct risk analyses on different systems;
  • Define the Security Assurance Plan;
  • Work on creating a PRA;
  • Plan a resilience and security validation plan;
  • Operationally reinforce the application of recommendations carried by the PSO;
  • Detect, communicate, and analyze sensitive points of the product and its infrastructure and ensure their control;
  • Carry the subject of security on a daily basis to the closest teams, as a reference on the subject;
  • Participate in defining and improving security practices (Standards, Tools, etc.);
  • Constitute, communicate, and deploy the product's security roadmap;
  • Contribute to Stormshield's security community.

⚙️ What is the technological environment?

  • Node.js/TypeScript on the backend, React on the frontend, all in Clean Architecture with a bit of GraphQL;
  • Automated tests (Vitest, Cucumber, Gherkin), connected to XRay;
  • CI/CD in DevOps mode: Kubernetes, Docker, GitLab CI. Monitoring with Prometheus and Grafana;
  • Security strength: Keycloak, OpenFGA and cool tools to ensure;
  • Agile/Scrum mode with Jira and Confluence.

Deputy Product Security: Why Choose Stormshield?

💻 Which product?

MUM, a unified SaaS cybersecurity solution, offers an integrated and cloud-based platform designed to provide comprehensive protection against digital threats. This centralized solution combines multiple tools and features, enabling businesses to effectively manage and control the security of their digital assets, regardless of the point of access, whether on-premises, in the cloud, or on mobile devices.

🔗 What team for the Deputy Product Security?

You will be integrated into the MUM team, managed by Nina. This team consists of 25 people (Developers, Quality Engineers, DevOps, Tech Leaders, Scrum Masters, Product Owners), divided into three teams and organized into two-week sprints.

✔️ Recruitment Process

  1. An initial exchange with William, our recruitment officer, to discuss who you are and your current career goals.
  2. A phone interview with Nina, accompanied by François, Product Owner of the team. This is a first point to explain the team's functioning and the vision of the position in more detail.
  3. A technical interview with Akli, PSO, Sébastien, head of the Security team and part of the references of your future team
  4. A final meeting with Audrey to evaluate your skills and alignment with Stormshield's values and company culture.

As a human-centered company, we prioritize the integration of people with disabilities (RQTH).

Retrouvez-nous sur Glassdoor.
Inside Stormshield

Apply

  • Your Resume *
    Accepted file types: pdf, Max. file size: 5 MB.
  • * required fields

    According to French law “Loi Informatique et Libertés” of January 6th 1978 modified in 2004 and to the Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, you have the rights of access, opposition and rectification of your personal data. To exercise this request, contact : Stormshield Marketing & Communications Department Immeuble Axium Bât. D - 2ème étage 22, rue du Gouverneur Général Eboué 92130 Issy-les-Moulineaux +33 (0)9 69 32 96 29 mkt-contact@stormshield.eu

Share on

[juiz_sps buttons="facebook, twitter, linkedin, mail"]