LUXHUB, a joint initiative of BCEE, BGL BNP Paribas, BANQUE RAIFFEISEN and POST Luxembourg, aims at helping the entire digital ecosystem to take advantage of the challenges and opportunities of the European PSD2 directive and of Open Banking related initiatives.
We are creating our team with skilled, motivated, open-minded entrepreneurial people: we are therefore looking for an exceptional Cybersecurity & SecDevOps Engineer, interested in Cybersecurity, APIs and application security, who will actively contribute to the set-up, on-going management and evolution of LUXHUB platform and its hardening.
Key responsibilities will include:
- Architect, design, deploy & operate security controls throughout Secure Software Development Lifecycle and into applications architecture
- Build Security into the IT Infrastructure, orchestration platform and CI/CD
- Perform security assessments such as risk assessments, code reviews, threat modelling and controls compliance checks to identify, prioritise and remediate vulnerabilities during the various phases of the SSDLC
- Support the CISO in developing Security Policies, Processes and Standards, as well as conducting security training for IT Staff;
- Contribute to the deployment of preventive and detective security controls, a.o. through the development of SIEM Use Cases and by supporting the Security Incident Response Process.
- Master degree in Computer Science, Information Systems or a related field
- Good understanding of Infrastructure and APIs security: Cryptography, Authn & Authz, Federation, as well as OWASP (TOP 10 vulnerabilities & controls)
- Must have understanding of SecDevOps culture and tools (GitOps, CI/CD).
- Strong experience in Application Security (threat modelling & risk analysis, secure build testing) and deployment of tools (SCA, SAST, DAST)
- Previous experience in Penetration Testing and application code security reviews would be an asset.
- Ideally experience or exposure to Infrastructure hardening, Cloud and containerization technologies (Kubernetes, Docker) and associated security concepts.
- Ability to provide innovative, creative solutions to tasks/problems following best practices
- Strong analytical, problem-solving and communication skills required
- Balance a self-motivated, independent work as well as strong team spirit
- Comfortable within a start-up environment, with a demonstrated entrepreneurial spirit
- Perfectly fluent (both written and verbal) in French and English; any other language will be considered as a real advantage
If you are interested in working in a start-up environment, facing new challenges everyday together with a highly motivated team, please send by email your application with detailed curriculum vitae to “firstname.lastname@example.org” – reference “Cybersecurity & SecDevOps Engineer”