DevSecOps Engineer

About Aqemia
Our mission is to design fast innovative drug candidates for dozens of critical diseases.Aqemia is a next-gen pharmatech company generating one of the world's fastest-growing drug discovery pipeline.Our differentiation lies in our unique quantum and statistical mechanics algorithms fueling a generative artificial intelligence to design novel drug candidates. The disruptive speed and accuracy of our technological platform enables us to scale drug discovery projects just like tech projects. Our endeavors are further underscored by prestigious partnerships with industry leaders, including prominent pharmaceutical companies, FrenchTech ecosystem, and esteemed investment funds.

Your role as a DevSecOps at Aqemia

• You will be responsible for the integration of security measures into every phase of the software development lifecycle as well as the acquisition, setup and maintenance of any Security tool we would need to safeguard the organization.
• As a DevSecOps Engineer, you will work closely with the Compute team lead (for prioritization), development teams (for education, awareness & training) and core G&A (onboarding, offboarding…) to implement security best practices, automate security processes, and enhance the overall security posture of the organization. This role requires a deep understanding of DevOps practices, cloud environments, and security technologies.
• Frictionless Security: the right path should be the easy path
• Participate in Threat Modeling and Asset Classification efforts
• Champion, educate and evangelize Security initiatives within the organisation
• Foster developer-security collaboration on secure coding practices and process-changing decisions
• Contribute to the Software Development Lifecycle and Supply Chain Assurance efforts
• Write Configuration, Infrastructure, Pipeline, Policy as Code and setup drift detection
• Secure the Cloud and connections from & to it
• Automate everything: Infrastructure, Pipelines, Policies, Scans, Remediations etc.

The competencies we are looking for

• Prior experience as a DevOps/DevSecOps within an engineering organisation
• Knowledge of "Infrastructures as Code (IaC)" technologies like Terraform (Pulumi and Crossplane are a plus)
• Previous experience securing CI/CD pipelines and doing Supply Chain Assurance (SLSA and TUF are a plus)
• Previous experience doing Application security (OWASP TOP 10, secrets management, MITRE ATT@CK, etc.)
• Previous experience remediating Penetration test findings
• Solid knowledge of Cloud infrastructure and products (AWS, other cloud experience is a plus)
• Solid knowledge of containerization and OCI tooling (runtimes, builders, registries)
• Solid knowledge of secure Kubernetes practices (OPA, Kyverno, Kustomize and Timoni are a plus)
• Solid knowledge of AuthN, AuthZ and Identity and Access Management (IAM) (e.g AWS IAM, OIDC, Kubernetes RBAC, etc. – Zero Trust is a plus)
• Experience with Compliance and Security Programs is a plus (ISO27001, SOC2, GDPR, NIST 800­-53, 800­218, OpenSSF, SLSA, etc.)
• Proficiency in Python is a plus

Preferred mindset

• You find the right balance between quality and fast iterations
• You focus on impactful changes with frictionless designs
• You know how to interact with technical stakeholders that are wary of security driven changes
• You are eager to play an active role in contributing to Aqemia’s strategy to develop drugs for patients.
• You are anxious to bring your wealth of knowledge and skills to the table to inspire and coach brilliant people from diverse backgrounds.
• You are keen to solve tough problems on issues that truly matter, with a proactive and a can-do attitude.
• You thrive on working collaboratively in a fast-paced, interdisciplinary environment that keeps everyone on track.

Our Process

• 1 - Hiring Manager’s interview: you’ll meet directly with your future manager Zeïd (1h, visio call)
• 2 - Technical assessment of your skills: Take home assignment (minimum 4h) - on Github
• 3 - Cultural fit interview with our co-founder and COO Emmanuelle (45min)
• 4 - Final interview with our co-founder and CEO Maximilien (45min)

Stack & tools

• Our Stack:
• AWS
• Git on Github with Github Actions for CI/CD pipelines
• Kubernetes with Helm, Kustomize, ArgoCD
• Some of our Tools:
• Wiz.io
• Tailscale

About Us
We work for a mission: joining us means having your own impact on changing the way drugs are discovered, and helping to shape the direction of our fast-growing company and team.Our approach is completely unique in the industry, using AI & deep physics to discover new drugs.We are a team of +50 people from world-class institutions (AstraZeneca, GSK, Sanofi, Harvard, Princeton, Ecole Normale Supérieure, Ecole Polytechnique, BCG...).We are also a multinational team: our working language is English.Our founders boast : 10+ years of research experience at the Ecole Normale Supérieure in Paris, not to mention a stint at Oxford and Cambridge / 10+ years of strategy consulting experience at BCG.We are part of the French Tech 2030 program (https://lafrenchtech.com/fr/la-france-aide-les-startup/french-tech-2030/).We recently signed a $140 million contract with Sanofi to accelerate their drug discovery.Global Series A fundraising of up to 60M€.
What can we offerCompetitive salary and BSPCE policyHybrid remote working policy: 2 days/week can be worked remotelyBeautiful office in Paris, metro Pasteur (line 12)/Sèvres-Lecourbe (line 6)/Duroc (lines 13 & 10) - Montparnasse station less than 15 minutes walk.Alan mutuelle, Swile lunch cardTransportation: green participation if you come by bikeIf needed: a relocation package to move to Paris, including various services to help you get settled