The post in a nutshell:
The secure development specialist intervenes in support of the development teams in order to accompany the developers in taking into account the security requirements. It tests the security of developments and monitors the correction of identified vulnerabilities.
Equivalent title: Application Security Specialist, Software Security Specialist, Application Security Expert, Secure Development Expert
- Define or contribute to the definition of secure development guides
- Contribute to the choice of code review solutions
Support for development teams:
- Participate in the drafting of application security requirements
- Enforce good development security practices on projects and, in the integration phase, contribute to sprints to follow security reviews for developments using the agile method
- Provide developer training in secure development techniques and security risks based on secure development frameworks on the market; train them in code review tools
- Assess the proper implementation of security requirements through application audits and code reviews
- Prioritize the vulnerabilities encountered and support developers in the proper consideration of remediation measures
Sharing of knowledge and technology watch in its field of expertise:
- Ensure a technological watch on secure development techniques
- Propose solutions to improve security within its scope of expertise
Our advice: this position is open to women and men. Motivation and the desire to learn are the fundamental qualities for the success of your project. Don’t put a barrier on yourself, you can do it.
- Software development and software engineering (from a security perspective): application design and development
- Software development and software engineering (from a security perspective): application code testing
- Software development and software engineering (from a security perspective): knowledge of software vulnerabilities
- Intrusion tests: mastery of technical security audit techniques
- Development knowledge (embedded codes, design languages, etc.)
- Contribution of architectures to security: integration of systems Security innovation
- Pedagogy on cybersecurity topics
- Ability to work in a team
- Ability to define procedures
Description of the profession in the ANSSI directory
As part of an agile approach, the secure development specialist works within the teams to define user stories and abuser stories and monitor the consideration of anomalies (DevSecOps approach). In addition to skills in application security, the job will require skills in operational management of system security and middleware security.
How to get into the job
Education: Bac +5, with a specialization in development and cybersecurity 5 years of professional experience in IS security Occupation accessible from development experience
Our Master program is adapted to professions with supervising responsibilities and addresses specific cybersecurity requirements. It allows you to deepen and refine your knowledge and skills in one of our 3 specialisations: Information Technology (IT), Industrial (OT) or Management of Cybersecurity Operations (SOC).
The complete career guide
Condimentum lacinia quis vel eros donec ac odio. Nibh cras pulvinar mattis nunc sed blandit libero volutpat. Facilisis gravida neque convallis a cras semper auctor neque vitae.
Same field jobs
Our school provides training in 21 cybersecurity jobs, from technical to supervising positions, from IT operations to industrial systems security. Here is the list of jobs you will be trained for by attending one of our training programs.