SecOps H/F

Company Description

Born in France in 2006, Voyage Privé has grown from an ambitious startup into becoming the Europe's leading travel tech platform. Operating across 9 markets with tens of millions of users, we're not just another e-commerce success story - we're a tech powerhouse revolutionizing online travel.    

As a mission-driven company, we're unique in combining cutting-edge technology with social impact. Our innovative campus brings together tech talent, professional athletes, students, and artists, creating an ecosystem where digital innovation drives both business growth and positive change.    

We're now at an inflection point, upgrading our entire technical foundation with cloud architecture, AI, and real-time systems to become a reference and top-of-mind platform for luxury travel, known by travelers for its for excellent offer and customer experience, and by our providers as a high-performance business development partner.    

Why Join Us?  

• Work at the intersection of cutting-edge technology and a mission-driven company, transforming how millions experience travel.  

• Be part of an entrepreneurial team of innovators that isn't just building technology: we value innovation, ownership, and collaboration, with an emphasis on empowering engineers to make a difference.  

• Shape a fast-growing tech company as we embark on an ambitious plan to scale tenfold in the next decade.  

• Enjoy a workplace that invests in personal and professional development, offering learning programs, mentorship opportunities, and career growth pathways.  

• orship opportunities, and career growth pathways.

Job Description

The DevSecOps Engineer is responsible for integrating security throughout the development and operations cycle (CI/CD, infrastructure, cloud, monitoring). He/She contributes to implementing and improving security practices within DevOps teams while fostering a DevSecOps culture focused on automation, compliance, and collaboration. Their role is to ensure the resilience, reliability, and compliance of systems in the face of security threats. 

Key Responsibilities: 

1. Security Integration and Assessment:  

• Actively contribute to integrating security into DevOps processes 

• Conduct security assessments of existing systems 

• Implement vulnerability scanning tools (SAST, DAST, IAST, SCA) 

• Produce reports and propose improvement areas 

• Ensure integration of security practices into Agile/Scrum processes 

1. Infrastructure and CI/CD Pipeline Security : 

• Integrate security tools into DevOps pipelines 

• Implement access control and identity management policies (IAM, RBAC, OAuth) 

• Design and manage secure cloud and on-premise environments 

• Automate patch management and security updates 

• Conduct Proof of Concepts (POCs) for security solutions 

• Oversee production deployment of security solutions 

1. Monitoring and Incident Response : 

• Deploy threat monitoring and detection tools (SIEM, IDS/IPS) 

• Implement logging and traceability solutions (ELK, Grafana, Prometheus) 

• Establish proactive remediation strategies for security incidents 

• Participate in on-call rotation for incidents 

1. Compliance and Risk Management 

• Automate compliance with security regulations (e.g., PCI DSS) 

• Manage and automate regulatory compliance and risk management 

• Define and implement operational security dashboards and KPIs 

1. Automation and Continuous Improvement 

• Develop and deploy automated security manifests 

• Optimize microservices and container security (Kubernetes, Docker, Istio) 

• Continuously evaluate and improve secrets management strategies 

• Integrate security into the software development lifecycle (Shift-Left Security) 

1. Training and Knowledge Sharing 

• Train teams on security best practices 

• Collaborate closely with DevOps, Security, and Development teams 

• Document secure architectures for DevOps infrastructures 

Qualifications

Education 

• Bachelor's or Master's degree in Computer Science, Information Security, Cybersecurity, or a related technical field 

• Relevant professional certifications such as CISSP, CCSP, CEH, AWS Certified Security, or Google Cloud Professional Security Engineer are highly valued 

Experience 

• Minimum of 5 years of experience in DevOps, cybersecurity, or a related IT role 

• Proven track record of implementing security measures in cloud environments (GCP, AWS, Azure) 

• Hands-on experience with CI/CD pipelines and infrastructure as code 

Technical Skills 

• Proficiency in containerization technologies (Docker, Kubernetes) 

• Strong knowledge of Linux/UNIX operating systems 

• Experience with security tools such as SAST, DAST, IAST, and SCA 

• Familiarity with IAM solutions and Zero Trust architectures 

• Expertise in scripting languages (Python, Bash, PowerShell) 

• Understanding of network protocols and security concepts 

Soft Skills 

• Excellent problem-solving and analytical skills 

• Strong communication abilities, both written and verbal 

• Ability to work effectively in cross-functional teams 

• Self-motivated with a passion for continuous learning 

• Adaptability to rapidly changing technological environments 

Additional Information

You'll love joining us...   

• At Voyage Privé, the “entrepreneurial adventure” is a reality: take on ambitious and fulfilling projects, while joining a company committed to the growth of its teams.   
    

• Live in the South of France, in an exceptional natural, economic and cultural environment, on a modern, digital and eco-responsible campus.   
    

• Find your own balance with up to 2 days of telecommuting per week, which you can concentrate on one week at a time, up to 4 times a year.   
    

• Put meaning back into your work and discover a unique ecosystem, creating bridges between worlds that are often far apart: the economic, sporting, academic and social worlds, and take part in one of the Vision projects (Ecole des XV - Provence Rugby - VP Green- Les Tremplins - Chez Pierre).   
    

• Cancel your sports subscription! Access our large Campus gym morning, noon and night, and play Padel whenever you like on our court reserved exclusively for Voyage Privé employees...   
    

• Live to the rhythm of Voyage Privé's various Business & Fun highlights (Company Breaks, Carnival, Annual Convention...), take part in meetups and talks, and enjoy free tickets to every Provence Rugby home match or dance to the sounds of the Dalida Institute!   
    

• Would you like to take advantage of our getaway offers? Benefit from up to 20% off our irresistible prices.