335/2023 - Senior Application Security Expert

With a presence in multiple sectors like Banking, Financial Services, Retail, and others, Syone for the past couple of years has been investing in its Security and Privacy solutions. At this stage, we are on track with our road map for this area, achieving a ISO27001 certification and working with several clients, building teams therefore looking for professionals with different experiences to help us and be ahead in all our challenges.

We are present in different Security fronts that directly affect our clients' operations, seeking to assist them in their goals through a wide range of challenges and initiatives. Currently, we are committed to several projects, both nationally and internationally, in some of them defining Cybersecurity’s Strategy & Processes from scratch, encompassing Security Architecture & Governance, Security Engineering, Vulnerability & Incident Management, Privacy Assessment,  IAM and so on.

Always seeking the best tools and methodologies available in the market, we have a solid commitment to open-source solutions, having total freedom to explore and maintain continuous learning on our teams – Syone’s long and lasting partnership with Red Hat and a recent partnership with Sermicro are important partners on this journey.

In this sense, we're looking for a Senior Application Security Expert to join our client's Cybersecurity & Digital Fraud delivery teams in Portugal. As an extend team of the French central team, you will be part of the Global Services team as the “Core team Appsec” service dedicated to support the Group AppSec Program deployment. The Global Services team is responsible to build Group-wide international set-up to reinforce Cybersecurity capabilities and deploy Cybersecurity services.

Requirements

Main Tasks:

•  Be part of the Application Security Core Team of IT Group Cybersecurity and Digital Fraud;
• Contribute to the deployment of the Application Security strategy of the Group, by participating as a key actor of its deployment Program;
• Provide operational support to Group’s entities in their implementation of the AppSec Strategy, may it be related to their organization, operating model, processes, or the analysis and treatment of their vulnerabilities (N3 support level on the AppSec thematic);
• Collaborate with solution providers to fix issues impacting the service (management of support tickets);
• Animate the Application Security governance of the Group by taking part to or leading associated committees;
• Identify Application Security rules, requirements and guidelines which may need to be created or updated, based on entities feedbacks and AppSec Core Team’s observations;
• Participate to the creation and update of those documents;
• Report on the global Application Security level of the Group by consolidating collected metrics and KPIs.

Technical Skills:

• IT Risk and Cyber Security with a focus on Application Security topic - Expert
• Risk Knowledge & Awareness - Expert
• Vulnerability Management - Practice
• Offensive Security - Practice
• Software development, review and testing - Practice
• Software Architecture Design - Practice

What can Syone offer me:

• Integration in an organization with profound and sustained growth and involvement in pioneering projects with innovative technological solutions;
• Strong IT training plans;
• Professional evolution with intervention in ambitious technological projects, both national and internationally.