Application Security+Code Review

About Atos Group

Atos Group is a global leader in digital transformation with c. 67,000 employees and annual revenue of c. €10 billion, operating in 61 countries under two brands — Atos for services and Eviden for products. European number one in cybersecurity, cloud and high performance computing, Atos Group is committed to a secure and decarbonized future and provides tailored AI-powered, end-to-end solutions for all industries. Atos Group is the brand under which Atos SE (Societas Europaea) operates. Atos SE is listed on Euronext Paris.

The purpose of Atos Group is to help design the future of the information space. Its expertise and services support the development of knowledge, education and research in a multicultural approach and contribute to the development of scientific and technological excellence. Across the world, the Group enables its customers and employees, and members of societies at large to live, work and develop sustainably, in a safe and secure information space.

We are seeking a dynamic and results-driven Security Engineer with over three years of experience in Product Security, specializing in Penetration Testing and Application Security. The ideal candidate will play a critical role in identifying, assessing, and mitigating security vulnerabilities across web, mobile, network, and cloud environments. This position requires strong technical expertise, analytical thinking, and the ability to integrate security best practices throughout the product development lifecycle.

Key Responsibilities

• Perform penetration testing and vulnerability assessments for web, mobile, network, and cloud-based applications.

• Collaborate with engineering teams to embed secure-by-design principles and enhance application security through DevSecOps integration.

• Conduct source code reviews, threat modeling, and security architecture assessments.

• Manage and maintain the vulnerability management lifecycle, ensuring timely remediation and verification of identified risks.

• Support and coordinate with relevant teams for mitigation and root-cause analysis.

• Contribute to security automation and continuous integration pipelines to strengthen overall security posture.

• Develop and deliver security awareness and training sessions for development teams.

• Stay updated with emerging threats, tools, and industry trends to continuously enhance security practices.