Share this Job
Apply now »
ID:  108679

Marseille, FR

Application Security Expert - Senior Pentester


CMA CGM Group, founded by Jacques R. Saadé, is a leading worldwide shipping & logistics group.

Now headed by Rodolphe Saadé, CMA CGM reinvents transport and logistics in order to offer an integrated maritime, port and land service that exceeds its customers' expectations. 

Present in over 160 countries through 755 offices, 750 warehouses, equipped with a young and diverse fleet of 511 vessels, CMA CGM serves 420 of the world's 521 commercial ports and operates on more then 200 shipping lines. The group currently employs 110,000 people worldwide, including nearly 2,400 in Marseille, in its headquarters in Marseilles.




Role :
As Application Security Expert - Senior Pentester, you will be reporting to the Application Security Manager, responsible for the security of all applicative solutions used in the group. 
You will be part of an international team of security experts, contributing to improve the security of the whole group and its subsidiaries all around the world.


Responsibilities :
To ensure the group applicative security, you will have to : 
•    Operate Application Security Penetration Tests on internal and external applications (web, API, microservices, SaaS…), but also Mobile Security testing (Android, IOS)
•    Operate internal/external infrastructure Penetration Tests
•    Produce Application Security Assessment reports
•    Participate and contribute to internal Red Team engagements
•    Supporting the internal development teams with automated security tests (SAST), software composition analysis (SCA) and advises (Security Champions evangelism)
•    Being active and informed in the Cyber Community (OWASP TopTen, OWASP Security Testing Guide, OWASP Mobile Security Testing Guide)
•    Interact with other teams (Cloud, DevOps, Security, Business…)

Profile and required skills :
•    You are graduated from a Bachelor's degree in Computer Science, Computer Engineering, IT Security or a related field; alternatively you bring equivalent demonstrated knowledge
•    You hold a certification such as OSCE, OSEP, GXPN, AWAE, OSWE…
•    You have a large IT culture, and good knowledge of infrastructure and networks
•    You have at least 5 years of experience in Penetration Testing activities (applications and infrastructure)
•    You also bring development experiences on Java or .NET applications in an enterprise environment
•    You have good knowledge in Python or PHP development
•    Experience and good understanding in containerized environments, Docker, Kubernetes
•    Experience / Knowledge with CI/CD approaches and DevSecOps activities
•    You are efficient regarding time management, you bring strong analytical and problem-solving skills, you are autonomous and passionate
•    You also bring very good communication skills both written and verbal 
•    Ideally, you also have experience in red-teaming

Come along on CMA CGM’s adventure !











Apply now »