Infrastructure Specialist

Job Title: Infra structure, Secure SDLC, DevSecOps Developer

Location: Paris

Experience: 8-30 Years

Language: Looking for French speakers

Job Summary:

We are seeking a seasoned and proactive Senior Infrastructure & DevSecOps Architect with 8+ years of experience in managing enterprise IT infrastructure, driving secure software development practices (Secure SDLC), and embedding security in DevOps pipelines. This role is responsible for architecting secure, scalable, and automated environments while ensuring adherence to security best practices throughout the software lifecycle.

Key Responsibilities:

Infrastructure & Architecture:

Design, deploy, and manage robust, scalable, and high-availability infrastructure (on-premises, cloud, or hybrid).

Lead infrastructure modernization initiatives using containerization, IaC (e.g., Terraform, Ansible), and orchestration tools (e.g., Kubernetes, Docker).

Monitor infrastructure performance and optimize for cost, availability, and resilience.

Secure SDLC Implementation:

Integrate security across the software development lifecycle (planning, development, testing, deployment).

Develop and enforce coding standards, threat modeling, secure code reviews, and static/dynamic analysis.

Work closely with development teams to ensure compliance with security policies and best practices.

DevSecOps Enablement:

Build and manage CI/CD pipelines with embedded security controls (e.g., SAST, DAST, SCA, secrets scanning).

Integrate tools like GitLab, Jenkins, SonarQube, Checkmarx, and Aqua Security into the DevOps toolchain.

Automate security testing, compliance checks, and infrastructure hardening within DevOps processes.

Governance & Risk Management:

Ensure alignment with regulatory standards such as NIST, ISO 27001, SOC 2, or GDPR.

Conduct risk assessments, vulnerability scans, and incident response planning.

Collaborate with InfoSec, compliance, and engineering teams to ensure a strong security posture.

Qualifications & Skills:

Bachelor's or Master's degree in Computer Science, IT, or a related field.

8+ years of experience in IT infrastructure, security architecture, and DevOps/DevSecOps roles.

Expertise in cloud platforms (AWS, Azure, GCP), Linux/Windows systems, and container orchestration.

Strong knowledge of Secure SDLC methodologies, OWASP Top 10, and application security.

Hands-on experience with DevSecOps tools and automation frameworks.

Industry certifications preferred: CISSP, CISM, AWS/Azure Architect, CEH, or GIAC DevSecOps.