In DIGITAL Cyber Security Dept, we are looking for a Cybersecurity DevSecOps Expert into our Risk Monitoring & Compliance Team. The position will be focus on Application security and code check related to application development. The Team is global and responsible for monitoring the level of cyber risk exposure and decreasing the attack surface.

Main missions:

• Contribute to develop and improve and promote the DevSecOps activity and associated processes.

• Support the Digital Accelerator and the Digital teams providing the right information.

• Make understandable the Cyber risk and how to remediate.

• Manage and support our Cyber services in the DevOps ecosystem.

• Contribute to deliver the appropriate dashboards to manage the activity

Key Responsibilities:

• Promote the Cyber roadmap and key services

• Always contextualize the risk and make sure it is understood by the business stakeholders.

• Deal the best for Cyber risk and make the right balance.

• Do not trust but perform check and control

• Build automation everywhere you can and industrialize our cybersecurity processes.

Profile:

Formal Education and Experience Required

• University/Master’s Degree in Computer Science, preferably in Cybersecurity.

• Application Security and Penetration testing experience.

• Computer Programming skills, especially in Python and powershell.

• 5 to 7 years of professional experience in application development, of which 3 to 5 years is in DevOps or Cybersecurity.

• Security Certifications like CISSP or CEH (Certified Ethical Hacker) are welcome.

Expertise and Competencies

• Large knowledge in IT, network and infrastructure, cloud hosting, development frameworks and devops environments.

• Expertise as a penetration tester at the application level.

• Expertise in OWASP and MITRE attack framework.

• Basic scripting skills in Python, Powershell and Visual Basic are expected. More advanced programming skills are not required but would add strongly to the profile.

• Leadership and strong communication skills to support business interaction.

• Ability to translate complex technical stories into non-technical language is necessary.

• Mastery of English is required.

Sanofi Inc. and its U.S. affiliates are Equal Opportunity and Affirmative Action employers committed to a culturally diverse workforce. All qualified applicants will receive consideration for employment without regard to race; color; creed; religion; national origin; age; ancestry; nationality; marital, domestic partnership or civil union status; sex, gender, gender identity or expression; affectional or sexual orientation; disability; veteran or military status or liability for military status; domestic violence victim status; atypical cellular or blood trait; genetic information (including the refusal to submit to genetic testing) or any other characteristic protected by law.

#GD-SA
#LI-SA

At Sanofi diversity and inclusion is foundational to how we operate and embedded in our Core Values. We recognize to truly tap into the richness diversity brings we must lead with inclusion and have a workplace where those differences can thrive and be leveraged to empower the lives of our colleagues, patients and customers. We respect and celebrate the diversity of our people, their backgrounds and experiences and provide equal opportunity for all.