About the role

As a Staff Security Engineer, you will play a crucial role in safeguarding Dashlane’s systems and ensuring that our secure development lifecycle remains cutting-edge. Collaborating across all departments, you will advocate for and implement best-in-class security practices, helping millions of Dashlane users enjoy a safer digital life.
Location-Specific |nformation:

You will be based in Paris, with English as your working language. Please ensure to attach any documents (resume’s or cover letters) in English during your application process.  We offer a hybrid work arrangement, with Tuesday being the company day, where we all collaborate in the office and have a company-sponsored meal, a department day for team bonding (will be Thursday for your department), and a third day at your choice.

At Dashlane you will:

• Drive the continuous improvement of Dashlane’s security program across the product and company

• Conduct architecture design reviews, threat modeling, and technical security assessments of Dashlane’s product (application and infrastructure) to identify security risks and provide mitigation guidance

• Ensure security best practices are integrated throughout the software development lifecycle (SDLC)

• Build upon and scale Vulnerability Management to ensure the team can track, analyze, and manage vulnerabilities and their remediation

• Perform risk assessments of Dashlane’s internal systems, environments, assets, and data, and implement security best practices accordingly

• Evaluate and implement security tooling and/or build customized tooling in-house where necessary

• Participate in Compliance and Incident Response

• Innovate and propose new forward-looking security features that protect Dashlane and our users

• Strong understanding of application and infrastructure security best practices, including experience with threat modeling, risk assessments, and incident response.

• Demonstrated experience building or improving an SDLC program

• Strong interest in cryptography and its application in modern systems

• Familiarity with CI/CD pipelines and their security implications

• Experience in Identity and Access Management (IAM) frameworks and protocols (Passkeys, SAML, OAuth, SCIM, etc)

• Knowledge of cloud platforms (e.g., AWS, Azure) and infrastructure (e.g., Kubernetes clusters), and familiarity with Infrastructure-as-Code tools like Terraform and Ansible

• Knowledge of JavaScript/TypeScript for secure application development

• Interest in enabling secure use of AI tools to drive efficiency, creativity, and impact internally

The critical competencies you’ll bring with you:

• Communication & Collaboration:  You engage and listen empathetically to others, adjusting your communication style to fit the audience and message. You are experienced in communicating with technical and non-technical audiences, external and internal parties.

• Mentoring: You enjoy using your knowledge and experience to support and uplevel those around you. 

• Motivated Learner: You learn new technologies and processes quickly, and understand where to look for knowledge when you need it. 

• Adaptability: You are a jack or jane of all trades - you’re comfortable digging into non-technical parts of the business to provide security support and guidance.