PSIRT Core Developer R&D (M/F)

Bull is a story. One with a century of European innovation and a working environment where experts design powerful, sustainable, and sovereign digital solutions, enabling states and industries to retain full control over their data and their AI.

Bull is also thousands of engineers, researchers and passionate tech people shaping the future of high-performance computing, AI, and quantum technologies.

Every day, our teams push the boundaries of what is technologically possible – from next-generation HPC architectures to exascale supercomputers – supported by world-class R&D, more than 1,600 patents, and unique end-to-end capabilities spanning hardware design, software engineering, data science and quantum research. We are a people-centric, innovation-driven company, where collaboration spans Europe, the Americas and India. We share a common vision of a responsible and sustainable innovation that delivers concrete impact for our customers.

Organizational context:

 The Product Security Incident Response Team (PSIRT) is a dedicated team focused on the security of the product developed in Atos BDS. Its objective is to triage the vulnerabilities potentially affecting them and to ensure they are remediated in time. The PSIRT core team is not directly involved in the implementation of remediation, which remains to be done by development teams.

Its role is to: 

• Monitor the potential threats to the security of Atos BDS products.

• Make a first triage on the potential vulnerabilities.

• Liaise with the product teams to further analyze the vulnerabilities and decide over remediation.

• Prepare security advisories related to Atos BDS products.

• Notify relevant authorities in compliance with regulations (notably the Cyber Resilience Act)

• Track the remediation with the support of development teams.

The PSIRT interacts with:

• Product R&D teams through Product Security Officers, to ensure in-depth analysis of potential vulnerabilities and remediation availability.

• Support teams to help addressing Customer issues with respect to vulnerability remediation.

• Product Managers to help prioritize remediation and assess security risks.

• The Chief Product Security Officer (CPSO) who is responsible for the overall governance of Product Security in Eviden’s delivered products.

Role description: The PSIRT Core Developer:

• Contributes to the 7/7 main monitoring mission of PSIRT in triaging the discovered vulnerabilities.

• Develops the features of the PSIRT automation tools to improve PSIRT efficiency.

• Interacts with Engineering, Support, and Product Management to confirm vulnerabilities, assess their risk, and elaborate and validate workarounds and remediation.

 Key competencies:

•    Knowledge of scripting languages, especially python and bash.
•    Knowledge on vulnerability management and reporting procedures
•    Knowledge on security concepts for administrators especially those useful in a production environment
•    Fluent written and spoken English Fluent written and spoken English.
Nice to have:
•    Knowledge on cybersecurity tools, best practices, CISO role and ISO 27001 processes
•    Experience in Cybersecurity area: access control, encryption / collecting & analyzing events.