Application Security Manager

Application Security Manager

We are looking for an experienced Application Security Manager to strengthen our Cloud Platform organization. In this role, you will drive our global DevSecOps strategy, ensure security and compliance across our platform and pipelines, and enable engineering teams with world‑class tooling and automation.

Success Criteria

Responsible for implementing technical and logical security controls across all phases of software development lifecycle and the supporting infrastructure.

Platform Security & DevSecOps Strategy

• Define and drive the DevSecOps strategy for the Sonepar Cloud Platform.
• Integrate security best practices into CI/CD pipelines, build systems, and deployment workflows.
• Ensure compliance with enterprise security standards, regulatory requirements, and cloud governance policies.
• Lead threat modeling, security reviews, and the design of secure architectures.
• Ensure the platform supports effective security monitoring, detection, and incident response, working closely with Cyberdefense teams to implement appropriate logging, alerting, and response capabilities.

Secure CI/CD & Automation

• Architect and maintain secure, scalable CI/CD pipelines enabling product teams to release with high velocity and confidence.
• Implement automation for code scanning, dependency analysis, container security, secrets management, and runtime protection.
• Partner with SRE and Cloud Engineering to integrate security as code across the entire ecosystem.

Cloud Security Engineering

• Lead the implementation of cloud‑native security controls across Azure resources (identity, networking, compute, data).
• Drive configuration hardening, policy enforcement, and continuous compliance using automation frameworks.
• Collaborate with the Security & Compliance team to operationalize zero‑trust principles.

Operational Excellence & Incident Preparedness

• Support the Cloud Operations & SRE teams during security incidents or vulnerabilities, ensuring rapid and coordinated remediation.
• Build processes, playbooks, dashboards, and alerting related to platform security and DevSecOps.
• Drive continuous improvement of our security posture and operational resilience.

Leadership, Coaching & Collaboration

• Manage and coordinate the security consultants contributing to the Digital Factory Cybersecurity initiatives, ensuring alignment with priorities and standards.
• Act as the DevSecOps reference within the Cloud Platform organization.
• Coach engineering teams on secure development practices, tooling, and cloud security patterns.
• Influence architecture decisions and platform roadmap with a strong security mindset.
• Represent the Cloud Platform in security governance and reviews with stakeholders across regions.

Qualifications

• 7+ years of experience in DevOps, SRE, Cloud Engineering, or Security Engineering roles.
• Strong expertise in Microsoft Azure, cloud‑native security controls, and infrastructure‑as‑code (Terraform).
• Proven experience building and securing CI/CD pipelines (GitHub Actions, Azure DevOps, GitLab CI, Jenkins, etc.).
• Deep knowledge of container security, Kubernetes, API security, secrets management, and identity (Azure AD).
• Experience with vulnerability management, code analysis tools, and security automation.
• A mindset focused on reliability, scalability, and automation.
• Strong communication, leadership, and cross‑team collaboration skills.

Benefits

• A global impact role within one of the world's largest B2B groups.
• A modern, cloud‑first, product‑centric organization.
• The opportunity to shape a world‑class secure cloud platform used by thousands across the company.
• A collaborative environment with strong engineering culture (SRE, DevOps, Platform Engineering).
• A role at the heart of Sonepar's digital transformation.
• 75% reimbursement of your monthly or annual transport pass.
• Swile Ticket restaurant card.
• Gym exclusively reserved for the company and made available to employees free of charge.
• Sustainable mobility package.
• Health insurance & Welfare.
• Employee Savings Plan & Profit Sharing Bonus.

Work Mode & Location

Hybrid: 3 days in Paris (8ème) after the trial period.