(M/W) DevSecOps Engineer

Wandercraft is hiring!

About

Chez Wandercraft, nous concevons, fabriquons et vendons des robots dont la mission est d’aider les humains à faire ce qu’ils ne peuvent pas faire. Nous mettons en oeuvre les technologies d’AI et de robotique les plus avancées dans les métiers de la santé et de l’industrie.

Atalante X, le premier exosquelette de marche autonome au monde, est utilisé dans plus de 100 centres de rééducation sur 4 continents, et permet à des patients qui ont perdu la marche de ré-apprendre à marcher. Avec Atalante X ils font plus d’un million de pas chaque mois.

Après plus de 10 ans sur le terrain et des milliards de pas analysés, nous lançons Eve, le premier exosquelette personnel auto-équilibré, pensé pour aider les utilisateurs en fauteuil roulant à se lever et marcher dans leur vie quotidienne, chez eux et dans la ville.

Enfin, nous commençons à appliquer notre technologie dans l’industrie, avec la gamme de robots humanoïdes Calvin. Calvin-40, notre premier modèle, a été conçu en 40 jours pour soulager les opérateurs en usine des tâches pénibles ou dangereuses. Bientôt une évolution de Calvin accompagnera des personnes avec une autonomie réduite dans leurs gestes quotidiens.

Depuis Paris et New York, notre équipe de 110 ingénieurs, cliniciens, chercheurs et opérateurs est unie autour d’une même mission : concevoir des robots qui améliorent la vie des humains.

Ce n’est pas une simple équipe que nous assemblons : c’est une aventure portée par des esprits curieux, engagés, des pionniers prêts à construire un futur qui a du sens.

Envie de rejoindre l’aventure ? Viens façonner avec nous la prochaine génération de robotique humanoïde, alimentée par l’IA et guidée par l’humain.

Job Description

Version française disponible sur demande.

We are seeking a skilled DevSecOps Engineer to join our dynamic team. In this role, you will be responsible for building and maintaining the tools and infrastructure that support fast and automated software delivery, as well as integrating security practices into our DevOps processes, ensuring that our software is both secure and delivered efficiently. As a DevSecOps Engineer, you will work closely with development and IT teams to support and improve our CI/CD, automate security measures and conduct vulnerability assessments. This role offers the opportunity to make a significant impact on our company's security posture and contribute to the development of innovative solutions.

Reporting to the Head of Embedded Critical System, the DevSecOps Engineer for Embedded Development will be responsible for the following duties:

  • Create, support, maintain, and enhance automated Continuous Integration (CI) pipelines with GitLab and GitLab runner components running within automated builds, static code analysis, software composition analysis, unit, component, and system testing, containerization, and deployment activities

  • Design, support, maintain, and upgrade software such as GitLab, CMake, Docker, Conan, various compilers and tools, etc

  • Handle configuration management and environment provisioning

  • Handle package dependencies and versions (python, conan)

  • Optimize build time (cache policy)

  • Certificate management (pki infrastructure)

  • Integrate security best practices into the DevOps pipeline, ensuring secure software delivery

  • Conduct regular vulnerability assessments and provide recommendations for remediation

  • Collaborate with development and IT teams to design and implement security solutions

  • Automate security processes, including vulnerability scanning and incident response

  • Stay up to date with the latest security trends, threats, and technologies

  • Respond to security incidents and lead post-incident investigations

  • Troubleshoot deployment failures or infrastructure issues

  • Collaborate with IT to define and deploy solutions for large data set management (AI training)

  • Maintain and propose solution for internal tooling servers logs)

  • Document processes & development

Preferred Experience

• Bachelor's degree in Computer Science, Information Security, or a related field

• Required experience:

  • 5 years proven experience in a DevSecOps or related role in an Embedded Development Context

  • Proficiency in security and DevOps tools such as Docker, Conan, gitlab, and security scanning tools

  • Strong experience with continuous integration and continuous delivery (CI/CD) pipelines

  • Experience with automation and scripting languages (e.g., Python, Bash)

  • Understanding of cloud platforms (e.g., AWS) and their security features

  • Excellent problem-solving and analytical skills

• Must-Have Skills:

  • Strong expertise in DevOps and security tools (e.g., Gitlab, Docker, Conan)

  • Experience with cloud security and cloud platforms (AWS)

  • Proficiency in scripting and automation (Python, Bash, etc.)

  • Hands-on experience with vulnerability assessment and penetration testing tools

  • Knowledge of security compliance frameworks (e.g., ISO 27001, NIST, GDPR)

• Hard Skills:

  • DevOps and Security Tools: Proficiency in tools such as Gitlab, Docker, Conan, and security scanning tools

  • Incident Response: Skills in responding to and managing incidents

  • Automation: Expertise in automating processes and integrating them into CI/CD pipelines

  • Vulnerability Assessment: Experience in identifying and mitigating security vulnerabilities

  • Security Integration: Ability to embed security protocols into the DevOps pipeline

  • Experience with database is a plus

• Soft Skills:

  • Problem-Solving: Strong analytical skills to identify and resolve complex issues

  • Communication: Clear and effective communication with technical and non-technical stakeholders

  • Attention to Detail: Meticulous approach to identifying and addressing security vulnerabilities

  • Collaboration: Ability to work effectively in a team environment and foster a culture of shared responsibility for security

Additional Information

  • Contract Type: Full-Time
  • Location: Paris
  • Occasional remote authorized