Context :

• Our typical customers are companies with hundreds of developers that are leveraging hundreds of services like SaaS applications, cloud infrastructures, or internal microservices and are mature on DevOps and cloud adoption.
• Our products are used by different teams: Software Development and Ops teams, Application Security, Threat Response and the buying decision comes from CISOs / CTOs / Directors of Security.

That’s why security and compliance are key responsibilities within our organization, your work will matter and will be taken very seriously !

The team :

• You will work closely with Kayssar (Security Engineer) and report directly to Guillaume (Engineering Manager of our “Engineering Plateform Tribe”).
• You will also work closely with our SRE team embracing a true DevSecOps philosophy !

The role :

• You will be responsible for contributing to the continuous improvement of the company’s security posture and help us enforce our compliance requirements in engineering and product design.
• You will divide your time between : 70% dedicated to compliance topics and 30% dedicated to security topics, we have an exciting roadmap for 2023 !

Missions

• Work with engineers and product managers to ensure all products are fully compliant and no issues arise.
• Manage existing company certifications regarding Privacy and Security (e.g. SOC2)
• Implement new certifications such as ISO27001 and Fedramp
• Research and analyze current processes to design compliance programs to ensure the company’s technical compliance with applicable laws and regulations.
• Work on improving our existing documentation and fill the gaps, produce reports on compliance tests, developments and processes
• Regularly conduct compliance testing and studies of the company’s products
• Implement best practice procedures for compliance and risk mitigation
• Update compliance knowledge as requirements change by tracking and researching emerging practices.
• Manage complaints and security issues related to product design and engineering department.
• Advise management on compliance related issues.

Why should you join us ?

🌴 A remote-friendly environment up to 3 days / week for people living close to Paris, and have a full-remote policy for people living outside
💸 An attractive package that includes stock-options
🏄A yearly holiday allowance
💻A home office allowance to improve your set-up at home, and the latest technology equipment
💰A referral bonus of 4k€ for any new Guardians we might hire thanks to you
👊 Working on a meaningful product, we already helped more than 200k developers!
🍺 Lots of team-building activities including 1 per month for the whole company
🚀 Many opportunities for career development in the long term
📈 A strong engineering culture, see this page to discover our R&D projects
🐕 Pet-friendly offices, every Guardian gets to bring their dogs
👫 Trust & autonomy on your perimeter with a very transparent internal communication

If you think you are only matching 70% to 80% of these criterias, please send us your resume !
And if you still have some questions before applying, you can directly write to us at : careers@gitguardian.com

• Like us, you embrace the DevSecOps philosophy and you love working in teams with a problem solving mindset
• You have 3+ years of experience of maintaining security insurance or certifications within certified cloud and software organizations
• You have a practical knowledge and experience designing, building, and sustaining ISO 27001 and SOC2
• You have a good knowledge of the GDPR and different laws relative to data privacy ideally in both US and Europe
• You speak french and english fluently
• You are proficient in report writing, analysis, and compliance procedures
• You are a great empathetic communicator : you are able to adapt your language and technical knowledge to different speakers and situations
• You have experience with product testing and process analysis
• You have a solid technical knowledge and understanding of product/process design

1 Visio call with a recruiter
To discover your professional project and evaluate if there could be a mutual match

1 Interview with your future manager
To know more about yourself, present to you the team : missions, rituals, seniority level, and making sure you would be able to succeed in the following steps of the recruitment process

1 Technical team interview
To evaluate your hard skills for the position and project yourself into the role

1 Final interview with the one of the co-founder
To explain to you our company’s vision and ambitions to the next couple of years, and make sure you are up for the position