Application Security Engineer (x/f/m)

Application Security Engineer (x/f/m)

  • 54 Quai Charles Pasqua, Levallois-Perret, 92300
  • Permanent contract 
    Education: Not specified
    Experience: Not specified

    This position was filled!

    Who are they?

    Doctolib is a purpose-led company that strives for a healthier world with more than 2,800 employees across France, Italy, and Germany. Since 2013, Doctolib has been improving the daily lives of more than 340,000 healthcare professionals by providing them with new-generation technology and services.

    Doctolib also serves more than 70 million patients, offering a fast, frictionless and secure journey for all their care needs.

    Job description

    What you will do

    The Application Security Engineer will work among a team of 20 passionate security engineers, hands
    -on and eager to share their knowledge. The Application Security Engineer will join the Product Security team that works closely with the Platform Security team and our GRC team.

    Your responsibilities include but are not limited to:

    • Help our Product Owners to ship ‘secure by design’ features
    • Perform application
      -focus, offensive, security assessments of existing and upcoming Doctolib’s features and products
    • Enforce smart  CI/CD security tooling (SAST, dependencies checker)
    • Identify vulnerability in the source code and design of our products
    • Fix vulnerabilities or support development team on fixing
    • Maintain and contribute to Doctolib’s Secure Development Lifecycle
    • Contribute to Doctolib’s security at
      -scale by default
    • Raise awareness of our developers to security best practices
    • Contribute to our Red Team / Blue Team organization
    • Write public articles about oru security practices and participate in conferences with pairs.

    Who you are

    If you don’t meet all the requirements below but believe this opportunity matches your expectations and experience, we still encourage you to apply!

    You could be our next team mate if you:

    • are passionate about application security and development
    • have a strong understanding of common and uncommon web application vulnerabilities and mitigations (OWASP Top10)
    • are experienced in a common programming language (Ruby, Python, Javascript,...). You have been a developper somehow.
    • are familiar or eager to learn about security vulnerabilities specific to Ruby on Rails
    • are able to collaborate with all people working in the company (tech & non
    • have proven communication skills
    • are autonomous, pragmatic & have good structuration skills
    • proactively contribute to Doctolib’s security

    Now, it would be fantastic if you:

    • speak English and French fluently
    • have a good understanding of security in distributed systems at scale

    What we offer

    • A 3
      -month dedicated onboarding program
      - the Doctolib Academy
    • A competitive health insurance paid 100% by the company
    • 5 weeks of paid vacation and up to 14 days of RTT
    • A stock
      -option program for each Doctoliber
    • Public transportation reimbursement (50%)
    • Discount on Urban Sport packages
    • A mental health and wellbeing offer in partnership with
    • The Doctolib Parent Care Program, including extended parental leave, meet
      -ups and inspiring conferences
    • A lunch voucher with Swile card (4,5euros)
    • Continuous training programs on all key competencies (English, soft skills, expertise)
    • Transparent internal mobility opportunities you're welcome to apply for 
    • High
      -quality office spaces supporting collaboration, health and wellbeing
    • A support for relocation in case of international mobilities and new joiners arriving to France from another country
    • Team building & Company events (Doctoberfest, Kids day, …)

    About the flexible office policy at Doctolib

    We provide 3 working modes, depending on your team set up.

    • Hybrid: you work 2 to 3 days per week from the office
    • Office
      -based: you always work from the office
    • Remote: you work remotely and meet your team once a month

    The Interview process :

    • 30min phone screen with a Tech Recruiter
    • 1h interview with the hiring manager 
    • Case study
    • Meet the CISO 

    Job details

    • Permanent Position
    • Full time
    • Location: Levallois
    • Start Date : ASAP

    At Doctolib, we believe in improving access to healthcare for everyone
    - regardless of where you come from, what you look like. This translates into our recruitment process: Doctolib is an equal opportunity employer. We don't just accept diversity at Doctolib, we respect and celebrate it!

    The more diverse ideas are heard, the more our product will truly improve healthcare for all. You are welcome to apply to Doctolib, regardless of your gender, religion, age, sexual orientation, ethnicity, disability, or place of origin. If you have a disability, let us know if there's any way we can make the interview process smoother for you! 

    All the information transmitted via this form is processed by Doctolib for the purpose of managing applications. For more information on how Doctolib processes your application data, click here.

    If you wish to exercise your rights or if you have any questions about the processing of your data, you can write to us at


    Interested in this job?

    Share this job
    Questions and answers about the job