Security & Compliance Engineer
What would you work on ?
- Our typical customers are companies with hundreds of developers that are leveraging hundreds of services like SaaS applications, cloud infrastructures, or internal microservices and are mature on DevOps and cloud adoption.
- Our products are used by different teams: Software Development and Ops teams, Application Security, Threat Response and the buying decision comes from CISOs / CTOs / Directors of Security.
That’s why security and compliance are key responsibilities within our organization, your work will matter and will be taken very seriously !
The team :
- You will work closely with Kayssar (Security Engineer) and report directly to Guillaume (Engineering Manager of our “Engineering Plateform Tribe”).
- You will also work closely with our SRE team embracing a true DevSecOps philosophy !
The role :
- You will be responsible for contributing to the continuous improvement of the company’s security posture and help us enforce our compliance requirements in engineering and product design.
- You will divide your time between : 70% dedicated to compliance topics and 30% dedicated to security topics, we have an exciting roadmap for 2023 !
- Work with engineers and product managers to ensure all products are fully compliant and no issues arise.
- Manage existing company certifications regarding Privacy and Security (e.g. SOC2)
- Implement new certifications such as ISO27001 and Fedramp
- Research and analyze current processes to design compliance programs to ensure the company's technical compliance with applicable laws and regulations.
- Work on improving our existing documentation and fill the gaps, produce reports on compliance tests, developments and processes
- Regularly conduct compliance testing and studies of the company's products
- Implement best practice procedures for compliance and risk mitigation
- Update compliance knowledge as requirements change by tracking and researching emerging practices.
- Manage complaints and security issues related to product design and engineering department.
- Advise management on compliance related issues.
More about you
If you think you are only matching 70% to 80% of these criterias, please send us your resume !
And if you still have some questions before applying, you can directly write to us at : firstname.lastname@example.org
- Like us, you embrace the DevSecOps philosophy and you love working in teams with a problem solving mindset
- You have 3+ years of experience of maintaining security insurance or certifications within certified cloud and software organizations
- You have a practical knowledge and experience designing, building, and sustaining ISO 27001 and SOC2
- You have a good knowledge of the GDPR and different laws relative to data privacy ideally in both US and Europe
- You speak french and english fluently
- You are proficient in report writing, analysis, and compliance procedures
- You are a great empathetic communicator : you are able to adapt your language and technical knowledge to different speakers and situations
- You have experience with product testing and process analysis
- You have a solid technical knowledge and understanding of product/process design
Why should you join us ?
- 🌴 A remote-friendly environment up to 3 days / week for people living close to Paris, and have a full-remote policy for people living outside
- 💸 An attractive package that includes stock-options
- 🏄A yearly holiday allowance
- 💻A home office allowance to improve your set-up at home, and the latest technology equipment
- 💰A referral bonus of 4k€ for any new Guardians we might hire thanks to you
- 👊 Working on a meaningful product, we already helped more than 200k developers!
- 🍺 Lots of team-building activities including 1 per month for the whole company
- 🚀 Many opportunities for career development in the long term
- 📈 A strong engineering culture, see this page to discover our R&D projects
- 🐕 Pet-friendly offices, every Guardian gets to bring their dogs
- 👫 Trust & autonomy on your perimeter with a very transparent internal communication
1 Visio call with a recruiter
To discover your professional project and evaluate if there could be a mutual match
1 Interview with your future manager
To know more about yourself, present to you the team : missions, rituals, seniority level, and making sure you would be able to succeed in the following steps of the recruitment process
1 Technical team interview
To evaluate your hard skills for the position and project yourself into the role
1 Final interview with the one of the co-founder
To explain to you our company’s vision and ambitions to the next couple of years, and make sure you are up for the position
Curious to know more about us ?
- GitGuardian is a global post series B cybersecurity startup, we raised $44M recently with American and European investors including top-tier VC firms.
- Among some of the visionaries who saw this unique market value proposition, are the co-founder of GitHub, Scott Chacon, along with Docker co-founder and CTO Solomon Hykes 👀
- We develop code security solutions for the DevOps generation and are a leader in the market of secrets detection & remediation.
- Our solutions are already used by hundreds of thousands of developers in all industries and GitGuardian Internal monitoring is the n°1 security app on the GitHub marketplace 🔥
- GitGuardian helps organizations find exposed sensitive information that could often lead to tens of millions of dollars in potential damage.
- We work with some of the largest IT outsourcing companies, publicly listed companies like Talend or tech companies like Datadog.
- More than 80% of our customers are in the United States.
- The majority of the team is based in Paris and we are growing fast, and in a sustainable way, while maintaining our core values.
- The Guardians are very knowledgeable, committed, serious, aligned with the company’s mission, and true team players : always willing to help pairs grow their skills !
- The team is diverse, come from more than 12 different nationalities and speak English regularly
- We are also very agile, remote-friendly, pet-friendly, and fun people to work with 🐕
- GitGuardian Paris
- Remote status
- Hybrid Remote
Guardians of Code
We develop code security solutions for the DevOps generation and are a leader in the market of secrets detection & remediation.
Our solutions are already used by hundreds of thousands of developers in all industries and GitGuardian Internal monitoring is the n°1 security app on the GitHub marketplace. GitGuardian helps organizations find exposed sensitive information that could often lead to tens of millions of dollars in potential damage.
We love wearing our Guardians’ cape, and help each other achieve high ambitions!
Security & Compliance Engineer
Loading application form