Software Development Engineer - Security Whitehat Engineer (R&DSB-16-12)
Nice (Alpes-Maritimes) Conception / Génie civil / Génie industriel
Description de l'offre
Shaping the future of travel is important to us at Amadeus. Today, with technology getting smarter by the minute, that future is more exciting than ever.
Our business success relies on our people being always passionate about what we do. We believe in aiming for excellence, taking responsibility, working together and putting our customers first.
We encourage you to be part of new and exciting projects and for you to take the lead when it comes to your progression.
Business Environment
The Framework and Process Industrialization Department is part of SEE-DDS whose mission is to develop e-commerce solutions specific for airlines.
The main purpose of FPI Department is to help developing new technical solutions that will be used for Amadeus e-commerce solutions and to help our teams to easily develop and operate our solutions.
Overall Position Objective
We are recruiting a Security professionalsto work in a blended team of Research & Development technologists in Java back-end and Front-end side. We’re looking for an experienced developer who is passionate about Security development practices.
She/he will contribute to the management of information security in Amadeus with focus on providing consultancy to other departments, driving security-centric projects and monitoring security compliance.
She/he will be responsible for planning, coordinating, and implementing security measures for information systems to regulate access to computer data files and prevent unauthorized modification, destruction, or disclosure of information.
Job Requirements
Day to Day You will:
· Coordinate the elaboration, update, publishing and promotion of the Application security architecture and its strategy.
· Initiate or support risk analysis, translating their outcome into security policies, requirements, and standards and into consistent and optimized (with respect in particular to cost & effectiveness) set of security controls.
· Promote and legitimate Application security architecture and strategy.
· Support Application Security architecture strategy implementation (expertise, design review and approval, design adjustments and ad-hoc palliative measures …)
· Support the developers in the applying the PCI-DSS requirements and in all the aspects of the PCI-DSS certification.
· Support new Projects, new initiatives & businesses with respect to Application security architecture and setup issues: Support or leads the design of corresponding set up. Recommend how to align on security reference architecture and corresponding security controls.
· Provide consultancy, guidelines and support in Application security architecture to other departments.
· Contribute to Application security governance processes definition
· Contribute to global security risk analysis: conduct, coordinate or support security related Risk Analysis management process.
· Contribute to Application security awareness promotion.
· Develop, implement, maintain the Information Security Program including computer security and emergency measures policies and procedures.
· Monitor the Information Security Program effectiveness and update as necessary.
· Advise and support General Management in all information security related matters, alerting to risks and proposing solutions to minimize them.
· Promote information security awareness and responsible user behavior.
· Be comfortable travelling when required.
Education
· Computer Science Degree
· Fluent English both oral and written
Functional Skills
· Knowledge on Ethical Hacking, Webportal testing, network testing, penetration testing.
· Other Amadeus Products (Booking Engine) would be a plus.
Technical Skills
· Programming skills (Java, JavaScript…)
. Security aspects
. HTML-CSS-JS-Angular
Experience
· 2 to 5 years in a technical position
The posting of vacancies and the treatment of applications are, in each Amadeus location, subject to national law and possible collective agreements with local staff representation. Internal Mobility policies vary from office to office, please check with your local HR representative the requirements and policy in place. E.g. a minimum time on position or Line Manager approval may be requested.