Security Engineer

About GitGuardian

GitGuardian is a global post-Series B cybersecurity scale-up, with team members in France, Europe and in the USA.

Among our early investors who saw our market value proposition, are the co-founder of GitHub, Scott Chacon, along with Solomon Hykes, Docker's co-founder. American and European top-tier VC firms have also invested in GitGuardian.

GitGuardian leads the way in Non-Human Identity security, offering end-to-end solutions from secrets detection in code, productivity tools and environments to strong remediation, observability and proactive prevention of leaks. Our solutions are already used by more than 600K developers worldwide!

About your team and your mission

As a Security Engineer within GitGuardian’s Security & IT team, you will work under the management of our Security lead and interact with all Guardians.

The Security & IT team is responsible for protecting all GitGuardian’s assets & systems, implementing guardrails enabling teams to deliver securely. The team focuses on these four scopes: applications, infrastructure platform, IT & governance.

You’ll contribute to the security team’s general backlog, and your primary responsibility will be building scalable security mechanisms within GitGuardian’s software delivery pipeline, supply chain, service & corporate infrastructure.

Your main responsibilities will be to:

1. Work with the team on projects such as:

• Automating Identity and Access Management, using Terraform and Okta.
• Advancing on securing our software supply chain, and patch and vulnerability management program by designing reliable and maintainable automations.
• Improve our security observability & monitoring systems and processes.
• Design and implement security mechanisms for corporate IT users (eg, ZTNA, SWG).
• Enhance our application security by participating in architecture and code reviews with our project managers and developers, performing pentesting of new features, and assisting in offensive engagements.

2. Contribute to the team's operational activities such as:

• Handling reports from our bug bounty programs, ensuring timely coordination and remediation with relevant teams.
• Responding to identified threats & vulnerabilities detected by our security stack (SIEM, WAF, EDR, DAST, …).

Technical environment

• Frontend: React / TypeScript
• Backend: Python + Django, Rust, RabbitMQ, PostgreSQL, Redis
• Infrastructure: Docker, Kubernetes, Terraform, AWS, OVH
• Security: Okta, Vault, SignalSciences WAF, CarbonBlack, Vanta, YesWeHack, Panther, StackHawk

About you

If you think you match at least 70% of these criteria, please apply!

Here's what we consider essential for success in this role:

• Fluency in English.
• 1-2 years of experience as a security, infrastructure or software engineer.
• Strong experience with scripting languages (Bash, Python).
• Experience with Infrastructure as Code tooling (Terraform, Kubernetes, Helm, Ansible) and with containerized systems.
• Experience with CI/CD & toolchains.
• Substantial experience in cloud & web application security.
• Familiarity with the administration of SaaS tools (Google Workspace, Okta, …).

The following skills would strengthen your application, but aren't required:

• Speaking French.
• Experience building security monitoring & alerting systems.
• Experience with a software vendor scaleup.
• Experience with SOC 2 or ISO27001 requirements.

The interview process

At GitGuardian, we are committed to building a diverse, equitable and inclusive workforce.

We will ask for your gender identity on the application page to help us understand the diversity of our applicant pool and to track our progress in attracting and hiring a diverse workforce. The information is optional and will not be disclosed to the hiring manager or the interview team and will not be considered in the hiring process. We appreciate your willingness to share this with us so that we can continue to improve our diversity, equity and inclusion efforts.

1. Video call with a Talent Acquisition team member

To discover your professional project and evaluate if there could be a mutual match.

2. Interview with your future manager

To know more about yourself and your achievements, and present to you the team.

3. Technical interview

To evaluate your skills for the position and project yourself into the role.

4. Final interview with an Executive Manager

To detail our company’s vision and ambitions for the next couple of years.

Benefits

• 💰 Package that includes stock-options
• 🍜 Lunch voucher (Swile)
• 🏥 Non-charged health insurance for children (Sidecare / Generali)
• 💻 Up to €300 to improve your home office set-up
• 🌴 Yearly holiday allowance
• 🤝 Referral bonus of 4000€ for any new Guardian we might hire thanks to you
• 🎡 Team building: monthly budget dedicated to each employee that you can spend as you wish, with colleagues (latest examples to date: Michelin star restaurant, karaoke, stand-up show, kitesurfing week-end, ...)

And also...

• 🏡 Remote policy: hybrid (2 days/week at the office) or full-remote (but 3 days/month at the office)
• 📈 Opportunities for career development in the long term

More about GitGuardian!

Products

• Understand how GitGuardian works in this short video!
• Want to go even further? Check out our public roadmap!
• Check out the State of Secrets Sprawl Report to understand our mission and the industry.
• Our solutions are already used by hundreds of thousands of developers in all industries and GitGuardian platform is the n°1 app on the GitHub marketplace 🔥

Clients

• GitGuardian helps organizations find exposed sensitive information that could often lead to tens of millions of dollars in potential damage.
• More than 70% of our customers are in the United States.
• Many F500 companies use GitGuardian's platform.

People

• The Guardians are knowledgeable, committed, serious, aligned with the company’s mission, and true team players: always willing to help each other grow our skill sets!
• The team is diverse and we hail from more than 20 different countries.
• We are also agile, remote-friendly, and fun people to work with.
• You will get trust & autonomy on your perimeter with a very transparent internal communication and a strong impact on the company development.