Security Engineer

About GitGuardian

GitGuardian is a global cybersecurity scale-up. The company is based in Paris, New-York City, Boston.

Among our early investors who saw our market value proposition, are the co-founder of GitHub, Scott Chacon, along with Solomon Hykes , Docker's co-founder. American and European top-tier VC firms have also invested in GitGuardian.

GitGuardian leads the way in Non-Human Identity security , offering end-to-end solutions from secrets detection in code, productivity tools and environments to strong remediation, observability and proactive prevention of leaks. Our solutions are already used by more than 700K developers worldwide!

About your team and your mission

The Security & IT team is responsible for protecting GitGuardian’s infrastructure, applications, and internal access systems, while ensuring compliance with security standards and customer requirements.

It operates in a highly cross-functional way, working closely with engineering teams (product and infrastructure) to secure systems, support developers in building secure software (code reviews, security audits, awareness), and handle operational security and compliance topics (IAM, vulnerability management, alerting, incident response). The team also plays a key role in addressing customer security requirements and maintaining GitGuardian’s trust standards.

Key projects

•

Redesign of the identity and access management (IAM) system and migration to a cloud-based solution

•

Migration from VPN to Cloudflare Access

•

Improvements to monitoring and SIEM to reduce noise and strengthen alert detection

•

Strengthening vulnerability management and incident response processes

•

Ongoing SOC 2 compliance program and handling of customer security questionnaires

Your main responsibilities will be to

You work across both build (designing and automating security mechanisms) and run (handling security risks and operational security activities), in close collaboration with engineering teams.

Concretely, you will

•

Automate and strengthen Identity and Access Management (IAM) in partnership with the IT team (Terraform, Okta)

•

Improve software supply chain security, as well as patch management and vulnerability management programs

•

Develop security observability capabilities (monitoring, SIEM, alerting)

•

Design and deploy security mechanisms for corporate IT environments (ZTNA, SWG, etc.)

•

Contribute to application security through architecture and code reviews, as well as security assessments of new features

•

Take part in operational security activities: vulnerability and alert handling, incident response, and remediation coordination

•

Contribute to SOC 2 compliance and handle customer security questionnaires

Technical environment

Application & Pipeline Security

•

GitLab CI (pipeline security gates, SAST/DAST integration)

•

StackHawk (DAST)

•

GitGuardian (secrets detection)

•

YesWeHack (bug bounty)

Backend & Frontend

•

Python + Django, Rust, RabbitMQ, PostgreSQL, Redis

•

React / TypeScript

Infrastructure & DevSecOps

•

Docker, Kubernetes, Terraform, Helm

•

AWS, OVH

•

HashiCorp Vault (secrets management)

Security & Compliance

•

Panther SIEM

•

Cloudflare WAF

•

CrowdStrike (EDR/endpoint protection)

•

Vanta (SOC 2 compliance automation)

Monitoring & Observability

•

Coralogix

Identity & Access

•

Okta (SSO, SCIM provisioning)

•

Google Workspace

IT & Collaboration

•

Kandji, Landscape (device management)

•

n8n (workflow automation)

•

Notion, Slack, Linear

About you

If you think you match at least 70% of these criteria, please apply!

Here's what we consider essential for success in this role

•

You have at least 2 years of experience as a security, infrastructure, or software engineer

•

You know how to automate your workload using scripting languages (Bash, Python)

•

You are comfortable working in containerised environments (Docker at minimum, Kubernetes is a plus)

•

You understand the principles of Secret Management: never hardcode secrets, environment separation, rotation, least privilege

•

You know the basics of cloud and web application security

•

You are familiar with the administration of SaaS tools (Google Workspace, Okta, or equivalent)

•

You take initiative without being asked, own your work end to end, and look for impact beyond your immediate scope

•

You are open to using AI tools as part of your day-to-day work

•

You are fluent in English

The following skills would strengthen your application but aren't required:

•

Experience with Infrastructure as Code tooling (Terraform, Kubernetes, Helm, Ansible)

•

Experience building security monitoring and alerting systems (SIEM)

•

Experience with SOC 2 or ISO 27001 requirements

•

Experience with a software vendor scaleup

•

Familiarity with OWASP Top 10 and auditing methodologies

•

Speaking French

The interview process

• Video call with a Talent Acquisition team member
• Team interview / Interview with your future manager
• Technical interview

4.1 Final interview with an Executive Manager

4.2 References check

Benefits

•

💰 Package that includes BSPCE

•

🍜 Lunch voucher (Swile, 9€ at 50%)

•

👟 Sponsored Wellpass (gymlib)

•

🏥 Non-charged health insurance for children (Sidecare / Generali)

•

💻 Up to €300 to improve your home office set-up

•

🌴 Yearly holiday allowance

•

🤝 Referral bonus of 4000€ for any new Guardian we might hire thanks to you

•

🎡 Team building: monthly budget dedicated to each employee that you can spend as you wish, with colleagues (latest examples to date: Michelin star restaurant, karaoke, stand-up show, kitesurfing week-end, ...)

And also...

•

🏡 Remote policy: hybrid (3 days/week at the office in Paris)

•

📈 Opportunities for career development in the long term