[Alternant] DevSecOps (Cloud cybersecurity, BAC+5)

Job Title

Team description

“Security Middleware” is one of the teams in charge of the security of the cloud platform. It is composed of a group of security experts who together oversee the development, maintenance, and evolution of a set of solutions provided as middleware software to other divisions.

Part of the Security SAFe train in the cloud platform, you will become a full member of the virtual team “Secrets, Keys and Certificates”. We are looking for a DevSecOps or software engineer with DevOps skills to tackle a wide range of activities in the field of cybersecurity applied to a cloud environment.

Summary of the position

In the context of the cloud migration, Amadeus’ entire IT environment is subject to a major technical redesign with new challenges and new opportunities. From an infrastructure exclusively located in a bastion datacenter to a fully distributed ecosystem of applications on Microsoft Azure public cloud, the security of the platform is severely impacted, and new types of attacks are emerging. You will participate in the design of the future security landscape for Amadeus cloud applications. The team is in charge of developing and operating solutions to help the other applications ensure the necessary controls are in place to protect Amadeus’ assets to a level equivalent to what they used to be on a physical private datacenter environment.

This position will allow you to explore a range of technologies – the team is known for the diversity of the components we own and the great challenges that result from it! –:

• CryptoManager is a middleware library that ensures the interface between applications and Hardware Security Modules (HSMs), one of the most secure cryptographic devices available on the market.
• Secret Management with the CyberArk Daemon and the Secret operator, two pieces of software that must propagate secrets following the strictest security standards and directly interacting with Azure KeyVaults, along with the necessary automation to handle the complexity of the cloud.
• Certificate Management tools with our orchestrator Venafi to never miss a certificate expiry ever again.
• Key Management tools: Sekhmet for point-to-point client authentication, Praxis encryption, and others, …
• Encryption at-rest and in-transit.

The proposed mission could more specifically focus on monitoring and alerting, vulnerability management and automating support for of our solutions.

Main expectations

We are seeking dynamic candidates with interests in the following areas:

• Strong interest in Cybersecurity.
• Multi-language competency: C++, Java, Python, …
• System administration and automation activities: Unix, Shell, Jenkins, Terraform, Terragrunt, Ansible.
• Cloud competencies: Microsoft Azure Cloud, Kubernetes, Docker.
• Optional: the team is working in SAFe: knowledge of the framework is a definitive plus.
• Optional: cybersecurity certifications.
• Keen on learning new technologies.
• Self-starter and team player, ability to work independently.
• Ability to drive technical initiatives.
• Rigorous problem-solving skills.
• Pedagogy and ability to teach and support others in their activities.
• Ability to work in multi-cultural environments.
• Creativity, innovation.

Diversity & Inclusion

Amadeus aspires to be a leader in Diversity, Equity and Inclusion in the tech industry, enabling every employee to reach their full potential by fostering a culture of belonging and fair treatment, attracting the best talent from all backgrounds, and as a role model for an inclusive employee experience.  

Amadeus is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to gender, race, ethnicity, sexual orientation, age, beliefs, disability or any other characteristics protected by law.