Numberly is recognized as one of the world’s leading specialists in Data Marketing, with nearly 500 employees and 8 offices worldwide, serving over 500 top-tier clients (L'Oréal, Ipsen, Groupe Seb, Moleskine, Ouigo, Maje, HSBC). By putting technology at the service of both brands and consumers, Numberly is at the heart of business growth and the drive for more responsible and relevant marketing. Numberly leverages the latest advances in data processing, analysis, and media activation in a virtuous context that combines business competitiveness with enhanced privacy and data protection.

Job Description:

The security team is part of the Infrastructure & Security division. You will join a 4-person team working on GRC (Governance, Risk, Compliance) and DevSecOps topics.

Your role will involve securing both existing and new architectures and continuously improving technical security.

Your missions:

• Implementing and maintaining the operational conditions of IT security solutions
• Contributing to the drafting and enforcement of IT security policies and guidelines
• Supporting security audits and penetration testing
• Raising awareness on security best practices among employees
• Keeping up with the latest in cybersecurity technologies
• Integrating security into the software development lifecycle in collaboration with other teams
• Deploying and maintaining threat detection and response solutions (SIEM)
• Analyzing vulnerabilities and managing/tracking security updates for systems and applications with relevant teams
• Managing security incidents and developing/updating incident response plans
• Designing and implementing data protection solutions with business teams
• Training and supporting development and operations teams on security best practices
• Automating security processes and vulnerability management
• Designing and implementing identity and access management (IAM) solutions

Qualifications:

• Cybersecurity: Knowledge of security principles and best practices
• DevOps & SRE: Experience with Docker, Kubernetes, Ansible
• Scripting & Automation: Ability to script in Python or Bash to automate security and reliability tasks
• Security & Performance Testing: Experience with SAST/DAST tools and performance monitoring
• CI/CD & Incident Management: Ability to integrate security into CI/CD pipelines and proactively manage incidents
• Team Collaboration: Ability to work with development, operations, and SRE teams to integrate security and improve system reliability

Our stack includes:

• Cloud: AWS, Azure
• Automation: Ansible, Terraform
• CI/CD: GitLab, ArgoCD
• Virtualization: Proxmox
• Containers: Kubernetes (on-premises, AWS EKS, Azure AKS)
• Load-balancing: HAProxy, OpenResty (nginx), Envoy
• Monitoring: Prometheus, Thanos, Kafka, Elasticsearch, Graylog
• Tracing: Sentry
• Languages: Python, Go
• OS: Ubuntu / Debian
• APIs: GraphQL, REST
• Security tools and frameworks:
• MDM: Intune, Kandji, Landscape
• Logs: Kafka, Graylog
• IDS/IPS: Falco
• EDR: HarfangLab, Microsoft Defender for Endpoint
• Scanning: Ivre, Burp Suite
• SAST: GitLab SAST, Semgrep, etc.
• KMS/PKI: HashiCorp Vault
• Containers: Kyverno, Harbor

Example projects for 2025:

• Enhancing alerting capabilities of our SIEM and integrating CrowdSec
• Integrating an open-source WAF
• Scanning Docker images for vulnerabilities
• Integrating a managed external SOC

Check out some of our security-focused open-source projects:

vault-db-injector: our Kubernetes Admission Webhook for ephemeral credentials management within Kubernetes, enabling native isolation and credential rotation

python-vaultwarden: our library for automating Vaultwarden integration for 500+ employees


Additional information:

• At Numberly, we share a passion for transmission: weekly internal talks, meetings with expert professionals in their field, continuous learning.
• Fast and powerful onboarding, in particular thanks to: the mentor assigned to each newcomer; to Live my life in different teams; Happy Meetings: monthly internal meetings to meet up with all our teams around the world and share group news.
• We cultivate freedom of speech which allows everyone to participate in the development of the group.
• We act positively on our ecosystem through 1000mercis impacts and via our activities which create value in the Open Internet and contribute to the enrichment of Open Source.
• Numberly is an actor of diversity with a gender equity score of 97/100.
• Numberly is ISO/IEC 27001:2023 certified; this certification recognizes compliance with the highest standards in information security.
• Numberly is an international environment with more than 30 nationalities in our teams.
• Offices in the image of each of the teams, a generous library, a large fully equipped music studio, two cats, selective sorting and vermicomposting, the possibility of bringing your pet and space for bicycles! In each kitchen: coffee, tea, unlimited infusions and also mystery lunches, Wellpass (ex-Gymlib) partnership, sports classes and parties (often in disguise).
• Possibility of hybrid remote work schedule.
• Swile card (meal vouchers).
• Possible mobility in our various offices abroad.
• Numberly welcomes people with disabilities.