Senior Security Engineer (Blue Team)
BlaBlaCar

BlaBlaCar

Senior Security Engineer (Blue Team)

  • CDI 
  • Paris
  • > 2 ans

L'entreprise

BlaBlaCar

BlaBlaCar

  • Application mobile, Mobilité, Économie collaborative
  • Entre 250 et 2000 salariés

Le poste

Senior Security Engineer (Blue Team)

  • CDI 
  • Paris
  • > 2 ans

Who are they?

BlaBlaCar is the world’s leading long-distance carpooling platform – a global, trusted community of 100 million members in 22 countries. BlaBlaCar is creating an entirely new, people-powered, travel network that connects people looking to travel long distances with drivers heading the same way, so they can travel together and share the cost. With the recent integration of a coach bus network, and a commuter service for short-distance carpooling, BlaBlaCar aims to become the go-to marketplace for shared mobility.

With a dedicated member relations service, a state of the art web and mobile platform, novel insurance solutions and a fast-growing community, BlaBlaCar is making travel social, cost-effective and practical for millions of members. BlaBlaCar is continuously innovating, developing smart-stop and smart-pricing algorithms that dynamically unlock millions of possible local meeting points and, in effect, turn every highway into a major transport line while also allowing for more granular point-to-point service in less accessible areas. By doubling the number of people in cars (from 1,9 to 3,9 people), BlaBlaCar saved 1.6 million tonnes of CO2 in 2018 (the equivalent of traffic in Paris for a year).

BlaBlaCar
Want to know more about BlaBlaCar?Company culture, teams, technical stack, jobs... Let's go for an immersion!
Visit the profile

Job description

About BlaBlaCar

BlaBlaCar is the world’s leading carpooling platform, created with one dream in mind: leveraging technology to fill the millions of empty seats on the road. We offer long- and short-distance carpooling as well as a bus marketplace, with the mission to become the go-to marketplace for shared road mobility.

Today, our community counts over 100 million travelers in 22 countries, creating a smarter, friendlier and carbon-saving transport network. Every year, our community saves 1.6 million tons of CO2e by sharing the road, equivalent to the CO2 emissions generated by Paris traffic in a year. But it doesn’t stop here – our team of 250+ engineers is developing innovative algorithms to further unlock the potential of shared travel and multiply its impact.

We’re looking for people to join our journey – people who care, who are driven by impact and innovation, and who want to thrive in a fast-paced entrepreneurial environment. We offer a flexible workplace where we count on each other to take initiative. So join the ride – we can’t wait to see where it takes you.

The context :

By joining our Foundations department, you will be working alongside talented individuals grouped in small agile teams that each have strong ownership of their stack and goals.

Foundations are composed of six teams that “provide consistent, easy to use, secured infrastructures, services, and expertise to support BlaBlaCar’s growth and evolution”.

The Security Team has three main objectives:

- Reduce BlaBlaCar risk exposure by defining and implementing a strategy to identify, report, and tackle the most critical risks

- Implement a shift-left strategy and autonomy within the teams via training, guidelines, and tooling

- Detect, investigate and respond to security incidents

Ideal profile: 4+ years of experience in security including +2 years of prior experience as a Blue Team (SOC) Security Engineer

Role description:

Lead BlaBlaCar security operations by organizing the team security RUN and participating in RUN activities. You will be in charge of expanding our SIEM detection and incident response capabilities. You will also increase our security coverage by integrating new security tools.

Missions:

Your core mission will be to ensure that the Security team has the proper tools, training, and processes to monitor, investigate and respond to threats.

1. Organise and lead the Security team RUN:

  • Maintain RUN rotation planning to ensure RUN continuity
  • Improve RUN tooling and processes
  • Improve incident response tooling and processes
  • 2. Maintain and develop SIEM (Splunk Cloud):

  • Add new relevant log sources
  • Add new relevant alerts
  • Enhance existing alerts
  • Maintain/enhance custom Python scripts for log collection, data enrichment, and alerting
  • 3. Integrate and deploy additional security tooling:

  • Snyk (dependency vulnerability scanning)
  • Secrets scan
  • 4. Be part of the Security RUN (in rotation with the rest of the Security team)

  • Investigate SIEM alerts on Splunk (5 alerts/day on average):
  • Virus / Malware (EDR on employees' laptops - Phishing on company email)
  • Authentication (Impossible travel/brute force/failed authentication)
  • Cloud Security (Prisma Cloud (PAN) alerts on potentially dangerous configuration for AWS and GCP)
  • Google Workspace activity (data exfiltration/privilege escalation)
  • Lead and coordinate basic incident response for low to medium-level security incidents following established procedures (less than one a month on average)
  • Your Qualifications:

  • Experience with Splunk
  • Security alert investigation
  • Global and broad knowledge regarding attackers' methods, techniques, and tooling
  • Prior experience in incident response
  • Coding skills (can read Python and Go and write Python scripts)
  • Familiar Beyond Corp like IT infrastructure
  • Familiar with Cloud environment
  • Familiar with GitOps (infra as code, GitHub, CI/CD, …)
  • Working proficiency in English and French
  • Good communication skills: you are able to explain complex security subjects to non-technical collaborators
  • If you don’t meet 100% of the qualifications outlined above, tell us why you’d still be a great fit for this role in your application!

    What we have to offer:

  • 🌎 An international environment: over 35 nationalities across 6 countries: Brazil, France, Germany, Poland, Spain, and Ukraine.
  • ⚖️ A flexible workplace: with our hybrid remote setup and family-friendly policies, we are masters of our own schedules and work-life balance, no questions asked.
  • 💡 A culture of sharing: 360 onboarding weeks, weekly team-all BlaBlaTalks to learn about what other teams are up to, Q&A sessions with our leadership, shared company KPIs, ‘Fail, Learn, Succeed’ moments where we destigmatize and share moments of failure with others.
  • 🚀 Innovation: Coding Nights to pitch ideas outside our roadmap and make dev’ dreams come true, weekly Product & Tech Demos and blogs to share engineering stories, and access to top conferences across Europe.
  • 🌱 Impact: building a product that has a real impact on society and the environment, and sharing an office culture that prioritizes low-waste and eco-friendly practices.
  • 💜 People-first: wind down from work at our weekly breakfasts and afterworks, or show off your talent at our annual BlaBlaShow.
  • 🧭 Shared company principles that guide us in our everyday decision-making and bring us closer to our goal. Find out more about our BlaBlaPrinciples.
  • Interested in joining the ride? Here’s what your hiring journey will look like.

  • a 45-min video-call with Oleksii Hudz one of our Talent Acquisition Managers to get to know you, understand your career expectations, and answer your questions
  • a 60 -min video-call with the Security team manager and Site Reliability team Engineering Manager
  • a 60-min video-call with a Security team engineer and another Foundations engineer to discuss your security knowledge
  • a 30 -min video-call with Nicolas Salvy - VP of Engineering, Infrastructure & Operations
  • Our hiring process lasts on average 20-25 days and offers usually come within 48 hours.

    BlaBlaCar is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

    Your Future Benefits

    We offer benefits that have a positive impact on you and our society, just like our product!

    We are flexible - We adapt to your needs:

    - 🏠Full remote possible within your country of employment

    - 💵Home office financial support for equipment

    - 🚗Relocation package & visa support

    We are impactful - We shape our future together:

    - 📈Equity for all program

    - 🌳Company events like the impact day & coding nights

    - 💻Learning possibilities through trainings, mentoring, internal development programs, and events.

    - 🚌Free carpooling and bus rides

    We care - We care about you and your needs:

    - 👶 1-month additional parental leave 100% paid

    -🌴25 vacation days per year

    - Of course, we also cover the basics like transportation, healthcare, meal plan, etc.

    *Full remote: work from anywhere in France

    BlaBlaCar is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

    BlaBlaCar

    BlaBlaCar

    Cette offre vous tente ?

    Postuler
    Questions and answers about the offer
    • Partager sur Linkedin
    • Partager sur Facebook
    • Partager sur Twitter

    D'autres offres de Sécurité

    Ces offres peuvent vous intéresser !

    Voir toutes les offres