We are currently looking for an
Expert in Secure Development
to strengthen the Cronos Europa team.
DESCRIPTION OF THE TASKS
1. Application Security Design
* Supports the design of secure IT architectures and ensures compliance with Commission security policies and standards.
* Collaborates with IT development, operations, and architecture teams to embed security throughout the application lifecycle.
2. Security Requirements & Technical Actions
* Assists in defining and implementing security requirements within IT projects.
* Supports security control integration in development and infrastructure.
3. Documentation & Compliance
* Helps maintain security documentation for audits and compliance.
* Assists in drafting security assessments, architecture security blueprints, and configurations.
4. Application Security Implementation
* Promotes secure development practices and ensures their adoption.
* Works with DevSecOps teams to strengthen security in software development.
5. Risk Analysis & Security Policy Compliance
* Conducts risk assessments and proposes mitigation actions.
* Supports alignment with Commission risk management methodologies.
6. Vulnerability Testing & Remediation
* Coordinates vulnerability assessments and penetration testing follow-ups.
* Assists in remediation planning and tracking corrective actions.
7. Incident & Threat Categorization
* Supports incident classification and response prioritization.
* Collaborates with IT operations to ensure proper handling of security events.
8. Security Training & Awareness
* Delivers training sessions on security best practices.
* Helps create awareness programs for secure development and risk management.
9. Security Strategy & Implementation
* Assists in defining security plans, access management strategies, and risk mitigation frameworks.
* Supports long-term cybersecurity initiatives within the IT ecosystem.
KNOWLEDGE AND SKILLS
* Good knowledge of secure coding frameworks and guidelines
* Good knowledge of security practices for cloud environments.
* ISO Standards and Risk Management: Comprehensive knowledge of ISO (Information Security Management), ISO (Code of Practice for Information Security Controls), and ISO (Information Security Risk Management).
* Ability to understand, speak and write English (level C1)
* Awareness of developments in the AI Act and its potential implications for IT security and data protection
* Knowledge of the NIS2 Directive for network and information systems security in the EU.
* Good communication skills with technical and non-technical audiences
* Ability to give business and technical presentations & to write clear and structured documents
* Ability to engage, to understand the constraints/objectives and positively influence a wide range of stakeholders
* Ability to integrate into an international/multicultural environment, rapid self-starting capability and experience of working in a team
* Excellent Team Player
SPECIFIC EXPERTISE
* at least 3 years of specific expertise in IT security applied to software development
* at least 3 years of specific expertise in cloud security frameworks and guidelines, such as the Cloud Security Alliance (CSA) Cloud Controls Matrix
CERTIFICATIONS & STANDARDS:
* Mandatory certification (one of): Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP) or equivalent
Why Cronos Group?
We offer you:
* An attractive salary package
* A good work-life balance environment
* The assurance of working with cutting-edge technologies in an entrepreneurial spirit
* The opportunity to develop your skills thanks to tailor-made training courses according to your needs
* A good job in a friendly place
If you wish to join a dynamic structure on a human scale while working with the latest technologies, don't wait any longer and join Cronos.