Details of the offer for Ingénieur Sécurité logicielle about consulting at GFI Informatique in Sophia Antipolis


We're in particular looking for a person with good experience in penetration testing of web and mobile applications (mainly but not only OWASP top ten), who could help us perform tests on our applications using our own security lab, and also assist in processing the results of automated scanners and from external pentest campaigns (verifying validity of reported vulnerabilities and eliminating false positives, assessing their severity, opening problem tracking records and following up on their resolution whilst providing guidance when necessary on the most appropriate counter-measures).

We would also be interested in refining the checklists used for performing secure coding reviews (OWASP and CVE/Mitre), mainly of Java, javascript, and C++ code (PHP a plus).

Good knowledge of and experience in OWASP top ten and CVE/Mitre would be a must. CEH and similar certifications would be a plus.

Best regards

Fabien Jacobs