Senior Cyber Security Engineer

Contentsquare is the all-in-one experience intelligence platform designed to be easily used by anyone who cares about digital journeys. With our flexible and scalable platform, organizations quickly get a deep understanding of their customers' whole online journey.

We are a global leader in the experience analytics space, with a growing presence across 15 offices worldwide. We're here to stay-and we're looking for team members who are excited to drive impact and help us scale even further.

Our aim is to create an inclusive workplace where everyone learns and succeeds. Contentsquare has built a community of individuals who are daring, understanding, and deliberate. We invite you to join us in making the complex simpler-for our customers, their customers, and each other.

Important note: Be careful of scammers pretending to be from Contentsquare. We will never ask for money or contact you through random texts. For more information, visit our careers blog.

About the role:

The Contentsquare security team is seeking a dedicated Senior Cyber Security Engineer to play a key role in responding to security issues. We value practical security experience and up-to-date knowledge of best practices for detecting and responding to attacks. We welcome candidates who are collaborative, solution-oriented, and able to guide teams in mitigating security risks efficiently.

As part of the Development, Security, and Operations Team (DevSecOps), you will report directly to the Director of Cyber Security and work closely with our R&D team. Your main task will be to ensure the integrity of Contentsquare's products and to keep Contentsquare's users and customers safe. You will have the option to work from our Paris headquarters, our Barcelona office.

In your day to day you will:

• Respond to security incidents with professionalism and proactively identify ways to prevent similar incidents in the future.
• Develop security utilities and tools for internal use to support efficient and scalable operations for the Security Engineering team.
• Design and maintain security alerts, automated actions, and escalation workflows to support a high-performing 24/7 incident response capability.
• Regularly audit our technical platform and applications to ensure adherence to security best practices and identify potential misconfigurations.
• Improve our ability to respond to threats by leading new technology selection, configuration, internal product development, securing stakeholder buy-in, and implementation with a strong emphasis on automation.
• Design and coordinate cohesive responses to security events that involve multiple teams across the organization.
• Evaluate the impact to the organization of current security trends, advisories, and public exploits. Coordinate responses as necessary across affected teams to do the right thing for our customers and our organization.
• Manage and extend our security detection capabilities, including Security Information and Event Management (SIEM), Web Application Firewalls (WAF), honeypots, and open source tools.
• Recognize, adopt, and share best practices in security engineering throughout the organization, including development, network security, application security, cryptography, security operations, and incident response.
• Communicate effectively (in English) with diverse audiences and across varying levels of sensitivity.
• Establish metrics that demonstrate continuous improvements of the Security Monitoring & Incident Response Engineering capabilities, and execute on your proposed strategy for improvements.
• Participate in regular on-call responsibilities.

What We're Looking For:

• Typically, 3-5 years of practical experience in Security Operations, especially coordinating responses to security incidents.
• Experience in building effective partnerships with internal customers.
• Experience building out detection and response programs for a SaaS or cloud-native company.
• Solid experience with developing security tooling and integrating security layers into DevOps pipelines.
• Extensive knowledge of web protocols, security issues, common attacks, Linux/Unix tools, cloud architectures, and the threat landscape.
• Expertise with Security Information and Event Management (SIEM) and incident platforms, such as Google SecOps and PagerDuty.
• Deep knowledge of our technical stack and how to secure it, including:
• Cloud Providers: AWS, Azure
• Containerization & Orchestration: Kubernetes, Docker
• Infrastructure as Code: Ansible, Helm, Terraform
• Security & Monitoring Tools: Datadog ASM (as WAF), Google SecOps
• CI/CD & Automation: GitHub Actions, ArgoCD
• Scripting Languages: Shell, Python
• Frameworks & Libraries: NestJS, Vue.js, React.js
• Strong understanding of security concepts, standard methodologies, and how to apply them (e.g., SSH, public key encryption, access credentials, certificates, TLS, data encryption, OWASP Top 10).
• Analytical skills, autonomy, and accountability.
• Solid understanding of MITRE ATT&CK, NIST, or similar threat frameworks is strongly preferred.
• Fluent in English (French is a plus).

Why you should join Contentsquare

We invest in our people through career development, mentorship, social events, philanthropic activities, and competitive benefits. We are always assessing the perks we offer to ensure we're aligned with the employees' needs.

Here are a few we want to highlight:

- Virtual onboarding, Hackathon, and various opportunities to interact with your team and global colleagues both on and offsite each year

- Work flexibility: hybrid and remote work policies

- Generous paid time-off policy (every location is different)

- Immediate eligibility for birthing and non-birthing parental leave

- Wellbeing and Home Office allowances

- A Culture Crew in every country we're based in to coordinate regular activities for employees to get to know each other and bond outside of work

- Every full-time employee receives stock options, allowing them to share in the company's success

- We have multiple Employee Resource Groups, that offer a safe space for individuals who share common identities, life experiences, or allyship to connect, support one another, and passionately advocate for the issues close to their hearts

- And more benefits tailored to each country

Contentsquare is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to sex, gender identity or expression, sexual orientation, race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.

Your personal data is used by Contentsquare for recruitment purposes only. Read our Job Candidate Privacy Notice to find out more about data protection at Contentsquare and your rights. You can exercise your rights by using our dedicated Data Subject Rights Portal here.

Your personal data will be securely stored in our hosting provider's data center in Oregon (US west). We have implemented appropriate transfer mechanisms under applicable data protection laws.