This position is no longer available.

Application Security Engineer (x/f/m)

Permanent contract
Nancy
Salary: Not specified
No remote work

Doctolib
Doctolib

Interested in this job?

Questions and answers about the job

The position

Job description

What you will do

The Application Security Engineer will work among a team of 20 passionate security engineers, hands
-on and eager to share their knowledge. The Application Security Engineer will join the Product Security team that works closely with the Platform Security team and our GRC team.

Your responsibilities include but are not limited to:

  • Help our Product Owners to ship ‘secure by design’ features
  • Perform application
    -focus, offensive, security assessments of existing and upcoming Doctolib’s features and products
  • Enforce smart  CI/CD security tooling (SAST, dependencies checker)
  • Identify vulnerability in the source code and design of our products
  • Fix vulnerabilities or support development team on fixing
  • Maintain and contribute to Doctolib’s Secure Development Lifecycle
  • Contribute to Doctolib’s security at
    -scale by default
  • Raise awareness of our developers to security best practices
  • Contribute to our Red Team / Blue Team organization
  • Write public articles about oru security practices and participate in conferences with pairs.

Who you are

If you don’t meet all the requirements below but believe this opportunity matches your expectations and experience, we still encourage you to apply!

You could be our next team mate if you:

  • are passionate about application security and development
  • have a strong understanding of common and uncommon web application vulnerabilities and mitigations (OWASP Top10)
  • are experienced in a common programming language (Ruby, Python, Javascript,...). You have been a developper somehow.
  • are familiar or eager to learn about security vulnerabilities specific to Ruby on Rails
  • are able to collaborate with all people working in the company (tech & non
    -tech)
  • have proven communication skills
  • are autonomous, pragmatic & have good structuration skills
  • proactively contribute to Doctolib’s security

Now, it would be fantastic if you:

  • speak English and French fluently
  • have a good understanding of security in distributed systems at scale

What we offer

  • A 3
    -month dedicated onboarding program
    - the Doctolib Academy
  • A competitive health insurance paid 100% by the company
  • 5 weeks of paid vacation and up to 14 days of RTT
  • A stock
    -option program for each Doctoliber
  • Public transportation reimbursement (50%)
  • Discount on Urban Sport packages
  • A mental health and wellbeing offer in partnership with moka.care
  • The Doctolib Parent Care Program, including extended parental leave, meet
    -ups and inspiring conferences
  • A lunch voucher with Swile card (4,5euros)
  • Continuous training programs on all key competencies (English, soft skills, expertise)
  • Transparent internal mobility opportunities you're welcome to apply for 
  • High
    -quality office spaces supporting collaboration, health and wellbeing
  • A support for relocation in case of international mobilities and new joiners arriving to France from another country
  • Team building & Company events (Doctoberfest, Kids day, …)

About the flexible office policy at Doctolib

We provide 3 working modes, depending on your team set up.

  • Hybrid: you work 2 to 3 days per week from the office
  • Office
    -based: you always work from the office
  • Remote: you work remotely and meet your team once a month

The Interview process :

  • 30min phone screen with a Tech Recruiter
  • 1h interview with the hiring manager 
  • Case study
  • Meet the CISO 

Job details

  • Permanent Position
  • Full time
  • Location: Levallois
    -Perret
  • Start Date : ASAP

At Doctolib, we believe in improving access to healthcare for everyone
- regardless of where you come from, what you look like. This translates into our recruitment process: Doctolib is an equal opportunity employer. We don't just accept diversity at Doctolib, we respect and celebrate it!

The more diverse ideas are heard, the more our product will truly improve healthcare for all. You are welcome to apply to Doctolib, regardless of your gender, religion, age, sexual orientation, ethnicity, disability, or place of origin. If you have a disability, let us know if there's any way we can make the interview process smoother for you! 

All the information transmitted via this form is processed by Doctolib for the purpose of managing applications. For more information on how Doctolib processes your application data, click here.

If you wish to exercise your rights or if you have any questions about the processing of your data, you can write to us at hr.dataprivacy@doctolib.com.

Want to know more?

These job openings might interest you!

These companies are also recruiting for the position of “Software & Web Development”.