The opportunity

We are looking for a Senior Security Engineer, whose core focus will be to protect our customers’ and compliance data.

• Under the coordination of the CISO, participate in the definition of a multi-year, risk-driven security roadmap and policies, processes and guidance documents driving its implementation
• Defining our overall security policy and driving its implementation, including internal IT, production platform, facilities, etc.
• Implementing the security roadmap, either autonomously or with support from other engineering teams, either in a delivery or project management capacity, depending on the project.
• Participate in the security assurance activities that include third party audits, internal code and architecture reviews, red team exercises, bug bounty.
• Coordinate the remediation of vulnerabilities : reproduction, scoring, triage, prioritization, mitigation strategies, verification
• Improve our security monitoring and incident detection capabilities, relying on our Security Information and Event Management System (SIEM), working with infrastructure and development teams to identify and collect relevant information from Pigment’s platform
• Contribute to security investigations related to incident response and fraud investigation, develop automated routines
• Answering security questionnaires from our customersParticipation in our certification SOC2 and ISO 27001, GDPR compliance programs
• Participate in employee security awareness training and be a security evangelist towards key populations (developers, devops, HR)

Environment

• The scope of this role includes both the production environment and internal IT
• Sites in Paris, London and NYC
• Macos, Windows, Linux
• GCP, Kubernetes, Terraform, Postgres, SingleStore, Vault
• Okta, Oauth, JWT, C#, .NET Core, TypeScript, React, datadog
• Google Workspace, Google Identity, Vanta, Hibob, Slack, GitHub, HackerOne
• Compliance: SOC2, ISO27001

Who you are

You have at least 5 years of experience on security topics, either as Security Engineer or Security Project Manager (of course, you can be way more experienced!).
You are still hands-on (the position does not include management for now).
You have strong technical expertise in security and broad background in tech (development, databases, networking, web, etc)
You have great team spirit with a problem-solving, can-do attitude.
You have a good dose of humility and the willingness to grow (no matter your seniority!).
You speak English fluently (French is not mandatory!).

What you will get

Competitive salary
Equity
The best health insurance with Alan Blue entirely free for you and your family 💙
Trust and flexible working hours
Brand new offices in the heart of Paris (Sentier)
Remote-friendly environment. Part of the team is living outside of Paris. We ask people to spend at least 20% of their time in the office - although we are flexible - and to be in the same time zone +/- 1-2h.