SERMA SAFETY & SECURITY

13 Jobs

199 Employees

About the Company

SERMA Safety & Security is your single point of contact for the security and dependability of your products and systems.

Because Cybersecurity and Dependability are intricately linked, and the Security of connected objects has to be managed at system level, SERMA Safety & Security has developed a one-stop comprehensive offer incorporating Expertise, Evaluation,Consultancy and Training , covering hardware, software and information systems.

Created in 2015, SERMA Safety & Security, known as S3, is renowned for its expertise in the field of safety and security - the result of over 20 years' experience:

> The security lab, created in 1998 , which carries out several hundred security evaluations each year in France and abroad (ranging from electronic chips to the full electronic system)
> A specialised business line devoted to Consultancy, Training and Expertise, carried over from Surlog and OPALE Security, two firms that have since been integrated into the company

The company provides support to every sector and application cases for which data confidentiality, assets protection, service security, service availability & integrity, operations safety, etc. are of prime importance. Typical applications as embedded and connected systems, product and industrial security, internet of things, information systems are the kind of subjects that SERMA experts are accustomed to manage.

SERMA's offer is organized with the following activities:

> Security formal evaluation, provided by a security laboratory licensed by the French ANSSI security agency
> Security expertize and consulting
> Safety expertize and consulting

WE ARE HIRING !
Do you want to find out more about our business lines? Our projects? The benefits of being part of SERMA?
Get in touch with our employees on LinkedIn or contact us!

Listed Jobs

Company Name: SERMA SAFETY & SECURITY
Job Title: Consultant cybersécurité des systèmes embarqués (KSC/IEC/112025)
Job Description: **Job title**: Embedded Systems Cybersecurity Consultant **Role Summary** Provide expert assessment and mitigation of cybersecurity risks for embedded and industrial control systems. Apply industry‑recognised risk‑analysis frameworks and standards to ensure compliance and resilience across automotive, aerospace, IoT, and industrial sectors. Collaborate with engineering teams to embed security throughout the development lifecycle. **Expectations** - Deliver comprehensive risk assessments and actionable security recommendations on a project basis. - Maintain up‑to‑date knowledge of evolving cybersecurity standards and regulations. - Operate independently while effectively coordinating with cross‑functional technical teams. **Key Responsibilities** - Conduct security risk evaluations using methodologies such as EBIOS 2010, EBIOS RM, and TARA. - Propose and validate security controls aligned with ISO 21434, IEC 62443, UN R155, NIST frameworks, and other relevant references. - Enable continuous improvement of embedded system security posture by integrating best‑practice solutions. - Advise stakeholders on security requirements, compliance status, and mitigation strategies. - Support diverse industry clients, tailoring security insights to specific domain needs (automotive, aerospace, IoT, industrial). **Required Skills** - Proven experience in embedded systems security risk analysis. - Deep familiarity with ISO 21434, IEC 62443, UN R155, NIST, and related standards. - Proficiency with risk assessment tools and methodologies (EBIOS, TARA). - Strong analytical, problem‑solving, and communication abilities. - Ability to work autonomously and collaboratively in multidisciplinary teams. **Required Education & Certifications** - Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Electrical Engineering, or related field. - Relevant cybersecurity certifications (e.g., ISO 21434 Lead Implementer, CISSP, CISM, or equivalent). - Optional: additional certifications in embedded systems design or specific industry standards.

Île-de-france, France

On site

Senior

30-10-2025

Company Name: SERMA SAFETY & SECURITY
Job Title: AMOA IAM (H/F) - (KSC/PSC/112025)
Job Description: Job Title: IAM PMO Assistant (Assistant Project Manager – IAM) **Role Summary** Support the operation of privileged account authorizations through the IAM platform IDENT‑IT, including profile modelling, documentation, testing, coordination with the IAM team, and ongoing maintenance. Manage privileged account lifecycle, tool updates, user training, incident resolution, and technology watch to ensure secure and compliant access management. **Expectations** - Deliver accurate modelling of privileged profiles and related authorisations. - Maintain up‑to‑date technical documentation and procedures. - Conduct test‑case writing and acceptance testing. - Prioritise and adapt IAM tooling (Sailpoint/IDENT‑IT) to evolving requirements. - Provide stable, operational support for security infrastructure. - Keep abreast of IAM security trends and best practices. **Key Responsibilities** 1. Model and document privileged user profiles on IDENT‑IT. 2. Gather client requirements and translate them into technical specifications. 3. Draft test cases, execute tests, and perform acceptance reviews. 4. Coordinate with the IAM department and other stakeholders. 5. Oversee privileged account request, review, and lifecycle management. 6. Adapt and optimise the Sailpoint IAM tool for privileged accounts. 7. Classify and manage technical accounts’ privilege levels. 8. Train users, application owners, and security personnel on IDENT‑IT. 9. Ensure continuous operation of the IAM tool and associated security infrastructure. 10. Resolve incidents, troubleshoot issues, and perform configuration updates. 11. Conduct ongoing technology and threat intelligence surveillance. **Required Skills** - Proven experience in IAM security, especially privileged account management. - Proficiency in scripting/programming (e.g., PowerShell, Python, Bash). - Strong communication, problem‑solving, and risk‑analysis abilities. - Team collaboration and independent work capability. - Excellent organisational skills and attention to detail. - Curiosity and commitment to continuous learning in IAM and cybersecurity. **Required Education & Certifications** - Degree from an engineering school or university in Computer Science, Information Systems, or Information Security. - Relevant certifications preferred: CISSP, CISM, CBK, or IAM‑specific (e.g., Identity Management Professional).

Company Name: SERMA SAFETY & SECURITY
Job Title: Ingénieur cybersécurité IAM (Sailpoint IIQ) H/F - (KSC/PSC/112025)
Job Description: Job title: Cybersecurity IAM Engineer (Sailpoint IIQ) Role Summary: Lead design, implementation, and deployment of identity and access management solutions using Sailpoint IIQ for a banking client. Work closely with development, security, and operations teams to integrate Sailpoint with existing applications, define access policies, and ensure secure, compliant identity governance. Expectations: - Deliver robust IAM solutions that meet banking industry security standards. - Independently manage Sailpoint integration and configuration projects from scope to delivery. - Maintain up‑to‑date knowledge of IAM best practices and emerging security technologies. Key Responsibilities: - Design and deploy Sailpoint IIQ architectures tailored to client needs. - Integrate Sailpoint with enterprise applications, systems, and services, ensuring secure data flows. - Define and enforce role-based access controls, governance policies, and identity lifecycle rules. - Conduct regular security testing, vulnerability assessments, and audits; recommend remediation actions. - Collaborate with development, security, and operations teams to resolve integration and policy challenges. - Document solutions, processes, and best‑practice guidelines. Required Skills: - Proven experience with Sailpoint IIQ IAM implementation and integration. - Strong scripting and programming skills (e.g., Python, PowerShell, JavaScript). - Deep understanding of identity governance, lifecycle management, and security controls. - Excellent communication, risk‑analysis, and problem‑solving abilities. - Ability to work autonomously and manage multiple priorities. Required Education & Certifications: - Bachelor's or Master’s degree in Computer Science, Information Security, or related field. - Relevant IAM certifications (e.g., Sailpoint Certified Professional, IDIR, CISSP) preferred.

Company Name: SERMA SAFETY & SECURITY
Job Title: Stage Développeur/Ingénieur Cybersécurité embarqué H/F - (KSC/IEC/112025)
Job Description: **Job title:** Embedded Cybersecurity Developer / Engineer Internship **Role Summary:** Support the R&D team in developing and validating hardware‑based attack tools for the next‑generation HARDSPLOIT platform. Design, implement, and test exploits targeting UART, I2C, CAN, and other GPIO‑connected protocols within Linux embedded and baremetal RISC‑V FPGA environments. **Expectations:** * 6‑month internship, starting April 2026. * Active contribution to the development of attack scenarios, labs, and demonstrations. * Collaboration with software and hardware engineers to deliver secure, reproducible test environments. **Key Responsibilities:** - Analyze HARDSPLOIT NG architecture and identify exploitation opportunities. - Develop and code new attacks exploiting communication protocols via GPIOs. - Port existing exploit modules to the HARDSPLOIT NG platform. - Design and document exercise suites, lab materials, and demo walkthroughs. - Execute test cycles on training boards, validate attack efficacy, and iterate based on results. - Collaborate closely with R&D peers to integrate findings into product releases. **Required Skills:** - Proficiency in Python (development of exploits, automation scripts). - Solid understanding of wired serial protocols: UART, I2C, CAN, SPI, etc. - Experience with embedded Linux and baremetal RISC‑V development environments. - Ability to design, implement, and test hardware‑centric exploits and intrusion tests. - Strong analytical, problem‑solving, and documentation skills. - Team orientation and effective communication with cross‑functional engineers. **Required Education & Certifications:** - Bachelor’s or Master’s (Bac+5) in Embedded Systems, Cybersecurity, Electrical Engineering, or related field. - Knowledge of hardware security concepts and intrusion testing is advantageous. - No specific certifications required, but relevant coursework or projects in embedded security or hardware exploitation preferred.

View 13 more jobs at SERMA SAFETY & SECURITY