Security Analyst/Architect

Description De L'offre D'emploi

Joining Cnexia is choosing to be part of an ambitious project that values Innovation, promotes Continuous Learning and enables all tech champions to fulfill their creative dreams.

At Cnexia, we do more than support the clients of our world-class network and services. We develop innovative solutions and create original multiplatform media content. In fact, we’re revolutionizing how Canadians communicate on the web, interact with Mobile Apps or benefit from an AI-enhanced experience.

Proud of our status as a fully owned Moroccan subsidiary of the largest Canadian Telecom company, we have been ceaselessly growing our team since 2021. With over 1100 employees, mainly based in Fez, we have expanded in the northern region of the kingdom with our Brand-new state of the art site in Technopolis Rabat.

If you are ready for this challenge, we invite you to join a community that values bold ideas and professional growth all in an engaging multi-cultural world-class environment.

Compétences et expérience requises

Main Accountabilities

* Incoming project/epic reviews. Participation in PI planning sessions with delivery teams, to understand epics and provide security guidance.
* Drive security initiatives for systems in scope of Corp Sec directives, in alignment with objectives.
* Collaborating with ARTs to review their planned and in-flight work, to ensure system security gaps and risks are identified, and planned for remediation.
* Enforcement of SSDLC practices within ARTs, including review of application security bugs identified during source code scans, use of bug-free open source components in code, and review of penetration testing findings.
* Should be comfortable with security reviews, and providing sign-off/approval on behalf of security.

Critical Qualifications/Competencies

3 to 5 years of working experience with the following :

* SSDLC Experience : Understanding of the methodology of a secure software development lifecycle.
* Secure Application Architecture : Security architecture understanding and experience, with an emphasis/bonus if experienced with web-based applications.
* Threat Modelling : Understanding of threat modelling methods, and can produce a threat model.
* Secure Application Code Development : Understanding of secure code development, as there will be regular interaction with development teams to review their application code, and alignment to a DevSecOps practice.
* Penetration Testing : Experience with penetration testing methods and tools. Bonus if aware of automated penetration testing tools.

Benefits

What we can offer as your future employer :

* A multinational exciting working environment with the latest technologies
* Development and further training opportunities for shaping and realising your career goals (Certifications, courses via online plateformes...)
* Competitive and performance-based remuneration
* 100% Remote Work