ATR - Development Security Operations Expert

Expert DevSecOps (Development Security Operations)

ATR is the world's number one aircraft manufacturer in regional aviation providing a new generation of turboprops. We are a joint venture between two European aeronautical heavyweights, Airbus and Leonardo.

From the world's largest cities, to our planet's most remote regions, our purpose is to deliver air travel to people, communities and businesses in an innovative, sustainable and modern way. If you strive for excellence, are driven by ambition, trust, and respect as we are, then get your career off to a flying start with ATR!

Our leadership profile: People Centric, Entrepreneurial, Inspiring, Exemplary, Innovative, Humble. At ATR, you will work with passionate colleagues to make a difference in a human size company with attractive advantages!

We are looking for an Expert in DevSecOps (Development Security Operations) to come onboard in our Digital Transformation Directorate in Arab's team: a team of seven collaborators! The mission is in the department of "Digital transformation" in charge of IT activities as well as the strategy and deployment of the digital transformation within ATR.

Main Department missions are:

• Defining and implementing digital strategy to address operational priorities and to develop ATR business
• Managing Information Technology (IT), application, standards, and infrastructure of ATR including its subsidiaries
• Managing ATR Cyber Security, maintenance of hardware and software tools and user support.
• Managing data scientist / BI activities

The Digital Transformation direction is based on 4 pillars: IS Architecture, Support / SAP, Digital Project and Data Analytics

ACTIVITIES

You will be under the responsibility of the IS Architecture Manager and will manage the Orchestration & Automation sector.

You support project teams in the adoption of DevOps practices and the implementation of good security practices.

• Highlight security best practices
• Facilitate workshops and contribute to cloud security service implementations
• Analyze risks and develop/update product vulnerability models
• Set up DevOps tools for the deployment of applications and Infrastructure As a Code
• Securing CI/CD pipelines, services and architectures
• Write DevSecOps technical documentation

Main activities will be:

• You will be responsible and a technical expert for DEVsecOps solutions: Gitlab, Nexus, Openshift, SonaQube ....
• Contribute to carrying out risk analyzes to support project teams in understanding and taking into account security requirements
• Contribute to the establishment of a DevSecOps culture within ATR organizations: "DevSecOps Gameday", training, awareness and devsecops brainstorming workshops...
• Act as a technical security referent in support of the project / devops teams: contribute to the definition of cloud security architecture and configuration patterns (IaaS, PaaS, CaaS), to the deployment of secure solutions through AZURE managed services or third-party tools (network filtering, access management, data encryption/protection, availability management, surveillance/monitoring and control, etc.), supporting development teams by setting up CI/CD pipelines, Infra As code and secure containers
• Act as a DevSecOps referent with the run to contribute to the optimization and strengthening of security tools and operational processes
• Cyber Security check
• Contribute to the realization of security audits or control activities of security requirements in the various phases of construction and evolution of a PF cloud or CI / CD environments

PROFILE

- Engineer than 10 years' Experience - English Fluent

Our Technical Environment:

• Cloud: AZURE, AWS
• Scripting: Python, Bash, Shell…
• Programing: Python, JavaScript, Java, .Net, Angular
• CICD: Gitlab-CI, YAML
• Containers: Docker, podman
• Orchestration: Openshift, Kubernetes
• Versioning: Gitlab
• Config automation: Ansible
• Methods: Agile Knowledge on change management
• Security: SAML, PKI, SonaQube, Proxy, MFA, Nexus, Kerberos, Oauth

Soft Skills

• Proactive, creative, inventive,
• Curious and attentive to news solutions, way of working in all areas,
• Autonomous,
• Able to train and convince a team,
• Faculties of advanced analysis
• Great relational ease, listening,
• Negotiation skills,
• Organized

Specific constraints Some travels can be requested for event or sharing with ATR partners (~4/year max)

What we offer

• Highly competitive compensation package (profit and success sharing, employee savings plan…)
• Work-life balance (remote working, 6th week of paid leave, additional days off for family events…)
• Well-being / health (supplementary health & welfare coverage…)
• Career paths enabling employees to develop their skills and build a professional project
• Wide choice of development programs for soft and hard skills
• CSE: ATR (family and employee events) and Airbus CSE (travel, vacation camps …)
• Diversity and inclusion: Over 1200 men & women with more than 35 different nationalities work together in our teams!

ATR is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.

This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company's success, reputation and sustainable growth.

Company: Avions de Transport Regional (ATR) GIE

Contract Type: Permanent

Classe Emploi (France): Classe G14

Experience Level: Professional

Job Family: Digital <JF-IM-DI>

At Airbus, we support you to work, connect and collaborate more easily and flexibly. Wherever possible, we foster flexible working arrangements to stimulate innovative thinking.