Senior Security Engineer Ajouter aux favoris
- Security Strategy & Roadmap: Define a risk-driven security roadmap for Pigment's product and infrastructure. This includes designing new security features within the product and continuously enhancing defense-in-depth controls. Prioritise the roadmap items, and exercise influence on the product and engineering team to obtain their buy-in in their delivery
- Technical Security Advisory & Risk Assessment: Serve as a security advisor for developers, product managers, and other key stakeholders. Proactively identify and assess project-related risks and conduct thorough security reviews of code, architecture, and configurations. Deliver actionable solutions that strike an acceptable balance between risk and business benefit, escalating any high-stakes occurrences that require senior management intervention or arbitration.
- Security Assurance & Testing: Participate in security assurance activities, such as coordinating third-party audits, conducting internal code, architecture and configuration reviews, managing red team exercises, and overseeing the bug bounty program. Facilitate the compliance efforts by measuring and managing controls KPIs
- Vulnerability Management: Drive the end-to-end vulnerability remediation process, covering detection, reproduction, scoring, triage, prioritization, design or validation of mitigation strategies, verification of remediation, and management/improvement of vulnerability KPIs.
- Monitoring & Incident Detection: Continuously improve our security monitoring and incident detection capabilities, working with infrastructure and development teams to identify and collect relevant datapoints, identify security events having a high signal/noise ratio and implement alerts and response playbooks for them.
- Incident Response & Automation: Contribute to security investigations related to incident response and fraud. Develop automated routines to enhance efficiency in these areas.
- Security Evangelism: Participate in developing and delivering employee security awareness training. Act as a security evangelist, particularly for key internal groups such as product teams and developers and SREs.
- Drive the secure design and development of Pigment's AI-powered features (including MCP Server and Modeler Agent) by performing threat modeling, conducting design reviews, partnering closely with engineers, and performing security assessments.
- Continuous improvement of the implementation of least privilege across the production environment, and CI/CD
- Improve the efficiency of Security processes, leveraging automation and AI systems (ex: SIEM)
- Sites in Paris, London and NYC
- Macos, Windows, Linux
- GCP, Kubernetes, Terraform, Postgres, SingleStore, Vault
- Okta, OAuth, JWT, C#, .NET Core, TypeScript, React, Python, Go
- Datadog (SIEM), CloudFlare ZTNA, Falco, Wiz, Riot
- Google Workspace, Jumpcloud, Vanta, Hibob, Slack, GitHub, HackerOne
- Compliance: SOC1, SOC2, ISO27001
- You are hands-on (the position does not include people management).
- You have strong technical expertise in security and broad background in tech (development, databases, networking, web, etc)
- You have great team spirit with a problem-solving, can-do attitude.
- You have a good dose of humility and the willingness to grow and help your team grow (no matter your seniority).
- You speak English fluently.
#LI-HYBRID What we offer
- Competitive package
- Stock options to ensure you have a stake in Pigment's growth
- The best health insurance with Alan Blue, entirely free for you and your family
- Weekly Lunch and Lunch vouchers (Swile card) to cover your lunch breaks with total flexibility
- Subscription to Egym Wellpass (ex-Gymlib) for full access to gyms, studios, and wellness spaces across France
- A Learning Stipend per year, for you to develop into areas that amplify impact for your careers or personal development
- Remote work stipend to have the best work station possible at home
- Along with one company offsite every year, we have brand new offices at the heart of major cities including New York, San Francisco, Toronto, Paris, and London
- High-end equipment (based on stock/availability) to do your work in the best conditions
Emplois Recommandés
Alternance Expertise OPC
Description Depuis plus de 50 ans, Aplitec conseille de nombreuses entreprises et leurs dirigeants, en France ainsi qu’à l’international. La diversité de nos domaines d’intervention, nous permet d…
Christian Dior CDD Retail Performance Project Manager (H/F)
Position House of Dreams, House of Talents "Whatever you do - for work or pleasure - do it with passion! Live with passion!"* Christian Dior Christian Dior was the designer of dreams. In foun…
Educateur de jeunes enfant (H/F/X)
Présentation de la Croix Rouge Vous recherchez du sens et souhaitez vous épanouir au sein d’une association engagée et porteuse de valeurs humanistes : Depuis plus de 100 ans, la filière Peti…
Travailleur Social H/F (ASS-ES-CESF)
Le CHRS Palais du Peuple accueille et accompagne des hommes isolés à partir de 18 ans et dispose aujourd’hui de 108 places en chambres individuelles ou doubles. Notre mission est d’offrir un héberge…
Sales Assistant Flagship Store Paris (m/f/d)
Sales Assistant Flagship Store Paris (m/f/d) France / Paris CYBEX is a company that puts tomorrow’s people at the heart of its brand. Always questioning the status quo and not afraid of …
Senior Applied Scientist
We are bsport. The place to be! bsport is an all-in-one platform combining boutique fitness and advanced technology. Our platform helps our partners manage their bookings, payroll, marketing and mo…
Alternance Assistant d'équipe / Vendeur - Paris (F/H)
L’ISCOD, spécialiste de la formation en Digital Learning, recherche pour son entreprise partenaire, spécialisée dans la pâtisserie artisanale, un(e) vendeur(se) - Assistant(e) d'équipe , pour prépa…
AI Compliance (Second Line of Defence) - Vice President Ajouter aux favoris
Job Description Join the JPMSE Compliance team as a Compliance Vice President, reporting functionally to the EMEA Head of Data & AI CCOR. The role is partnering effectively with local management, …
Chargé(e) des admissions et promotion des formations F/H
Description de l'entreprise Le Groupe Diderot Éducation est aujourd’hui l’un des groupes leaders de l’enseignement privé en France. Allant du Bac+1 au Bac+5, il se distingue par l’e…
Lead Brand
Skello en bref Chez Skello, on développe la solution RH de référence pour planifier et manager les équipes de terrain. En Europe, les équipes de terrain représentent 50 % des travailleurs, mais…